1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Fortinet FortiClient EMS SQL Injection Vulnerability

Known Exploited Vulnerabilities CVE-2023-48788 Mappings

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability secondary_impact T1105 Ingress Tool Transfer
Comments
This is an SQL injection vulnerability that can be exploited to execute remote code via specially crafted HTTP requests. Adversaries have been observed using this exploit to deploy tools on the target machine.
References
  1. https://redcanary.com/blog/threat-intelligence/cve-2023-48788/
  2. https://www.esentire.com/security-advisories/widespread-exploitation-of-fortinet-vulnerability-cve-2023-48788
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
This is an SQL injection vulnerability that can be exploited to execute remote code via specially crafted HTTP requests. Adversaries have been observed using this exploit to deploy tools on the target machine.
References
  1. https://redcanary.com/blog/threat-intelligence/cve-2023-48788/
  2. https://www.esentire.com/security-advisories/widespread-exploitation-of-fortinet-vulnerability-cve-2023-48788
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This is an SQL injection vulnerability that can be exploited to execute remote code via specially crafted HTTP requests. Adversaries have been observed using this exploit to deploy tools on the target machine.
References
  1. https://redcanary.com/blog/threat-intelligence/cve-2023-48788/
  2. https://www.esentire.com/security-advisories/widespread-exploitation-of-fortinet-vulnerability-cve-2023-48788