{"id":229414,"date":"2026-03-30T19:19:00","date_gmt":"2026-03-30T23:19:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/30\/fortinet-hit-by-another-exploited-cybersecurity-flaw\/"},"modified":"2026-03-30T20:05:20","modified_gmt":"2026-03-31T00:05:20","slug":"fortinet-hit-by-another-exploited-cybersecurity-flaw","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/30\/fortinet-hit-by-another-exploited-cybersecurity-flaw\/","title":{"rendered":"Fortinet hit by another exploited cybersecurity flaw"},"content":{"rendered":"<p><a href=\"https:\/\/www.csoonline.com\/article\/4152117\/fortinet-hit-by-another-exploited-cybersecurity-flaw.html\">Fortinet hit by another exploited cybersecurity flaw<\/a><\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4152117\/fortinet-hit-by-another-exploited-cybersecurity-flaw.html\">https:\/\/www.csoonline.com\/article\/4152117\/fortinet-hit-by-another-exploited-cybersecurity-flaw.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-30 19:19:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.csoonline.com\">www.csoonline.com<\/a><\/p>\n<p>The flaw is described as \u201can improper neutralization of special elements\u201d used in a SQL command vulnerability. This means that a single HTTP request with a crafted header value is sufficient to execute arbitrary SQL against the backing PostgreSQL database, according to a deep dive report by pentesting company Bishop Fox. An attacker who can reach the EMS web interface over HTTPS \u201cneeds no credentials to exploit this,\u201d it said.<\/p>\n<p>\u201cThis gives attackers access to admin credentials, endpoint inventory data, security policies, and certificates for managed endpoints,\u201d the researchers wrote. They pointed out that the endpoint returns database error messages and has no lockout protections, allowing attackers to quickly extract sensitive data.<\/p>\n<p>The Shadowserver Foundation, a nonprofit security watchdog, is currently tracking more than 2,400 FortiClient EMS instances with web interfaces exposed to the internet, the majority of them in the US and Europe. And Shodan, a search engine for internet-connected devices, reported 1,000 publicly-exposed instances of FortiClient EMS.<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4152117\/fortinet-hit-by-another-exploited-cybersecurity-flaw.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fortinet hit by another exploited cybersecurity flaw https:\/\/www.csoonline.com\/article\/4152117\/fortinet-hit-by-another-exploited-cybersecurity-flaw.html Publish Date: 2026-03-30 19:19:00 Source Domain: www.csoonline.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":229415,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.csoonline.com\/wp-content\/uploads\/2026\/03\/4152117-0-20030200-1774912779-Fortinet-building.jpg?quality=50&strip=all&w=1024","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-229414","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229414"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=229414"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229414\/revisions"}],"predecessor-version":[{"id":229416,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229414\/revisions\/229416"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/229415"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=229414"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=229414"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=229414"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}