Critical Fortinet Forticlient EMS flaw now exploited in attacks Attackers are actively exploiting CVE-2026-21643, a critical SQL injection in Fortinet's FortiClient EMS that allows unauthenticated actors to execute arbitrary code via the EMS web interface. The flaw affects FortiClient EMS 7.4.4 and can be remediated by upgrading to 7.4.5 or later, while thousands of instances remain exposed online according to Shodan and Shadowserver. #CVE202621643 #FortiClientEMS

Critical SQL injection CVE-2026-21643 in Fortinet FortiClient EMS 7.4.4 is actively exploited, allowing unauthenticated code execution via EMS web interface. Patch to 7.4.5+ to fix thousands exposed globally. #FortinetFlaw #SQLInjection #USA

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign If you use Fortinet FortiClient EMS, patch NOW. Hackers are actively using a new exploit

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
thehackernews.com/2024/04/hack...
#Infosec #Security #Cybersecurity #CeptBiro #FortinetFlaw #ScreenConnect #Metasploit #NewCampaign