Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
17 April 2024
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or