Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.
Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting government, manufacturing, and critical infrastructure organizations.