{"version":"1.0","provider_name":"Forescout","provider_url":"https:\/\/www.forescout.com","author_name":"Tim Ferman","author_url":"https:\/\/www.forescout.com\/blog\/author\/tim-ferman\/","title":"Connect:fun - Detailing an exploitation campaign targeting FortiClient EMS via CVE-2023-48788 - Forescout","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"RZlDB2Mfg5\"><a href=\"https:\/\/www.forescout.com\/resources\/connectfun-threat-briefing\/\">Connect:fun  &#8211; Detailing an exploitation campaign targeting FortiClient EMS via CVE-2023-48788<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.forescout.com\/resources\/connectfun-threat-briefing\/embed\/#?secret=RZlDB2Mfg5\" width=\"600\" height=\"338\" title=\"&#8220;Connect:fun  &#8211; Detailing an exploitation campaign targeting FortiClient EMS via CVE-2023-48788&#8221; &#8212; Forescout\" data-secret=\"RZlDB2Mfg5\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! 
This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/* ]]> *\/\n<\/script>\n","description":"On March 12, 2024, Fortinet published an advisory about CVE-2023-48788, a SQL injection vulnerability in its FortiClient EMS security management solution. On March 21, researchers released a proof of concept (PoC) exploit for the vulnerability, and since then there have been reports of exploits in the wild, leading CISA to add the CVE to its list of Known Exploited Vulnerabilities (KEV) on March 25."}