Summary
Fortinet's FortiClient EMS is being exploited via a critical SQL injection vulnerability (CVE-2026-21643) that allows unauthenticated remote code execution.
Take Action:
If you are using FortiClientEMS this is urgent: Make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan an immediate patch if you are on 7.4 versions. Attackers are exploiting this flaw.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)