Ongoing attacks leveraging security bugs impacting Fortinet FortiClient EMS, Ivanti Endpoint Manager Cloud Service Appliance, and Nice Linear eMerge E3-Series devices have resulted in their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, Security Affairs reports.
All of the vulnerabilities should be remediated by federal agencies by Apr. 15, according to CISA. Most severe of the newly added security issues is a critical SQL injection bug in Fortinet FortiClient EMS, tracked as CVE-2023-48788, which could facilitate unauthorized code or command execution through specially crafted requests. Such a vulnerability already had its proof-of-concept exploit released by Horizon3 researchers, who leveraged Microsoft SQL Server's xp_cmdshell functionality to let the flaw enable remote code execution. On the other hand, threat actors could exploit the second flaw, a code injection issue in Ivanti EPM CSA, tracked as CVE-2021-44529, to allow arbitrary code execution with limited permissions. Meanwhile, Nice Linear eMerge E3-Series appliances are being affected by intrusions leveraging the command injection flaw, tracked as CVE-2019-7256.
