Summary
Fortinet patched a critical SQL injection vulnerability (CVE-2026-21643) in FortiClientEMS that allows unauthenticated attackers to execute arbitrary code.
Take Action:
If you are using FortiClientEMS make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan a quick patch if you are on 7.4 versions. Attackers will start exploting this very soon.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)