CISA Warns Of Active Exploitation Of Flaws In Fortinet, Ivanti, & Nice Linear


A recent security alert warns of three critical vulnerabilities actively exploited in the wild, of which the first is CVE-2023-48788, an SQL injection vulnerability in Fortinet FortiClient EMS.

Attackers can use SQL injection vulnerabilities to insert malicious SQL code into a program that depends on a database. 

It can give attackers unauthorized access to sensitive information, modify data, or disrupt operations.

The second vulnerability (CVE-2021-44529) is a code injection vulnerability present in the Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA).

Read more…