Forticlient EMS flaw actively exploited in the wild

An improper neutralization of special elements used in a SQL command in Fortinet’s FortiClient EMS version 7.2.0 through 7.2.2. FortiClient EMS 7.0.1 through 7.0.10 allows attackers to execute unauthorized code or commands via specially crafted packets. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Sys and network admins to review and implement the appropriate patches. The details of the updates can be found here.

RELATED ADVISORIES

Advisories 9 April 2024

Cisco Releases Security Updates for IOS XR Software

Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all sys and network admins to review and implement the appropriate patches. The details of the updates are:

Joomla Security Update

Advisories 28 February 2024

Microsoft Exchange Server Security Advisory

Advisories 28 February 2024

FortiSIEM Security Update

Advisories 17 November 2023

Microsoft November Updates

Advisories 17 November 2023

Zimbra Zero-Day Flaw

Advisories 17 November 2023

QNAP Security Update

Advisories 7 November 2023