In a recent PSIRT, Fortinet acknowledged CVE-2023-48788 – a SQL injection in FortiClient EMS that can lead to remote code execution. FortiClient EMS is an endpoint management solution for enterprises that provides a central location for administering enrolled endpoints.
Today, Horizon3.ai Exploit Developer James Horseman published “CVE-2023-48788: Fortinet FortiClientEMS SQL Injection Deep Dive” detailing the vulnerability and indicators of compromise, and linking to the proof of concept.
“This SQL injection vulnerability is caused by user controlled strings that are passed directly into database queries. In this post we will examine the internal workings of the exploit,” Horseman said.
Stephen Gates, Principal SME at Horizon3.ai, added: “NodeZero has incorporated protections for CVE-2023-48788. It can discover where organizations are exploitable, enabling them to mitigate and protect against the issues, and confirm with 1-click verify that they are no longer exploitable.”
The Horizon3.ai POC can be found here.
Related
This entry was posted on March 21, 2024 at 1:22 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Fortinet FortiClientEMS SQL Injection Deep Dive & Proof Of Concept
In a recent PSIRT, Fortinet acknowledged CVE-2023-48788 – a SQL injection in FortiClient EMS that can lead to remote code execution. FortiClient EMS is an endpoint management solution for enterprises that provides a central location for administering enrolled endpoints.
Today, Horizon3.ai Exploit Developer James Horseman published “CVE-2023-48788: Fortinet FortiClientEMS SQL Injection Deep Dive” detailing the vulnerability and indicators of compromise, and linking to the proof of concept.
“This SQL injection vulnerability is caused by user controlled strings that are passed directly into database queries. In this post we will examine the internal workings of the exploit,” Horseman said.
Stephen Gates, Principal SME at Horizon3.ai, added: “NodeZero has incorporated protections for CVE-2023-48788. It can discover where organizations are exploitable, enabling them to mitigate and protect against the issues, and confirm with 1-click verify that they are no longer exploitable.”
The Horizon3.ai POC can be found here.
Share this:
Like this:
Related
This entry was posted on March 21, 2024 at 1:22 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.