CVE-2023-48788

CRITICAL
2024-03-12 [email protected]
9.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 26, 2026 - 11:19 vuln.today
Added to CISA KEV
Oct 24, 2025 - 12:54 cisa
CISA KEV
EUVD Exploitation Confirmed
Oct 24, 2025 - 12:54 euvd
EUVD KEV
CVE Published
Mar 12, 2024 - 15:15 nvd
CRITICAL 9.8

Description

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

Analysis

Fortinet FortiClientEMS contains a SQL injection vulnerability allowing unauthenticated attackers to execute unauthorized code through crafted requests to the management server.

Technical Context

The CWE-89 SQL injection in FortiClientEMS's request processing allows attackers to inject SQL statements through crafted network packets. The SQL injection can be escalated to OS command execution through the xp_cmdshell stored procedure or similar techniques.

Affected Products

['FortiClientEMS 7.2.0 through 7.2.2', 'FortiClientEMS 7.0.1 through 7.0.10']

Remediation

Update FortiClientEMS immediately. Restrict management interface access. Audit managed endpoints for unauthorized configuration changes. Monitor database for evidence of SQL injection.

Priority Score

203
Low Medium High Critical
KEV: +50
EPSS: +94.1
CVSS: +49
POC: 0

Share

CVE-2023-48788 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy