A critical vulnerability in Fortinet’s FortiClient Enterprise Management System (EMS) is being actively exploited by attackers, according to threat intelligence firm Defused.

The vulnerability, identified as CVE-2022-26187, is a path traversal flaw in FortiClient EMS that allows remote attackers to execute arbitrary code on the affected system, giving them full control over it.

This vulnerability poses significant risks, particularly in environments where FortiClient EMS is used to manage endpoint security. That the flaw is now being exploited in the wild underscores the need for immediate patching and mitigation to prevent security breaches.

Organizations using FortiClient EMS are advised to apply the latest security patches and updates to prevent exploitation of CVE-2022-26187. They should also monitor their systems closely for any signs of suspicious activity to protect the security and integrity of their networks.
