A critical vulnerability in Fortinet's FortiClient EMS software has been identified and is currently being actively exploited, as confirmed by cybersecurity agencies and researchers. Users are urged to patch now. The exploit, which does not require user interaction and is considered low-complexity, was made public through a proof-of-concept released by researchers, with an exploit available for this flaw. The Cybersecurity and Infrastructure Security Agency (CISA) has acknowledged the presence of active exploitation of this vulnerability. Additionally, other critical vulnerabilities were reported in Ivanti EPM Cloud Services Appliance and the eMerge E-Series OS, which have also been added to CISA's Known Exploited Vulnerabilities Catalog.
Critical vulnerabilities in @Fortinet FortiClient EMS, the @GoIvanti EPM Cloud Services Appliance, and the @nice_linear eMerge E-Series OS were added to the @CISAgov Known Exploited Vulnerabilities Catalog. #cybersecurity #infosec #ITsecurity https://t.co/gzjS0yEEuD
Hackers exploit Ray framework flaw to breach servers, hijack resources https://t.co/6H8pdcsfUx
CISA said it has found ‘evidence of active exploitation’ for a vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS). https://t.co/DI5dqbXuZK
Exploit available for critical flaw in FortiClient Server https://t.co/PVuzlhRmzG
If you're using Fortinet's FortiClient EMS software, patch now! Researchers released a proof-of-concept exploit for a critical vulnerability which is now being actively exploited in low-complexity attacks that don't require user interaction. Read more: https://t.co/LgNQ7UpDlu