Description
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Published: 2026-02-06
Score: 9.1 Critical
EPSS: 62.5% High
KEV: Yes
Impact: n/a
Action: n/a
AI Analysis

Impact

An improper neutralization of special elements used in an SQL command permits SQL injection (CWE-89) in FortiClientEMS 7.4.4. An unauthenticated attacker can supply crafted HTTP requests that result in execution of arbitrary SQL statements, potentially leading to execution of unauthorized code or commands.

Affected Systems

The affected product is Fortinet FortiClientEMS, specifically version 7.4.4. Fortinet has advised upgrading to version 7.4.5 or higher, or the upcoming 8.0.0 release, to address the issue.

Risk and Exploitability

The CVSS score of 9.1 indicates critical severity. An EPSS score of ~0.63% indicates a very low probability that the vulnerability will be exploited. The vulnerability is listed in the CISA Known Exploited Vulnerabilities catalog, suggesting that it is actively targeted. Attackers can exploit the flaw remotely as an unauthenticated user by sending specially crafted HTTP requests to the FortiClientEMS service, potentially leading to remote code execution.

Generated by OpenCVE AI on May 22, 2026 at 16:37 UTC.

Remediation

Vendor Solution

Upgrade to upcoming FortiClientEMS version 8.0.0 or above
Upgrade to FortiClientEMS version 7.4.5 or above


OpenCVE Recommended Actions

  • Upgrade FortiClientEMS to version 7.4.5 or higher, or to the 8.0.0 release as available.
  • Restart the FortiClientEMS service after installing the update so the new code is loaded.
  • Restrict unauthenticated HTTP traffic to FortiClientEMS by configuring firewall or network rules to allow only trusted IP addresses until the upgrade is complete.

Advisories

No advisories yet.

History

Fri, 22 May 2026 16:45:00 +0000

Type Values Removed Values Added
Title SQL Injection in FortiClientEMS 7.4.4 Allowing Unauthenticated Code Execution

Tue, 19 May 2026 15:30:00 +0000

Type Values Removed Values Added
Title SQL Injection Vulnerability in FortiClientEMS 7.4.4 Allows Unauthenticated Remote Code Execution

Thu, 07 May 2026 15:00:00 +0000

Type Values Removed Values Added
Title SQL Injection Vulnerability in FortiClientEMS 7.4.4 Allows Unauthenticated Remote Code Execution

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Title SQL Injection in FortiClientEMS Enables Unauthorized Code Execution

Wed, 15 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Title SQL Injection in FortiClientEMS Enables Unauthorized Code Execution

Tue, 14 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:fortinet:forticlientems:*:*:*:*:*:*:*:*

Mon, 13 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc
  Values Removed: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}
  Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 13 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2026-04-13T00:00:00+00:00', 'dueDate': '2026-04-16T00:00:00+00:00'}


Mon, 30 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc
  Values Removed: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
  Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 17 Feb 2026 21:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:fortinet:forticlientems:*:*:*:*:*:*:*:*

Fri, 06 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 06 Feb 2026 08:30:00 +0000

Type Values Removed Values Added
Description An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
First Time appeared Fortinet
Fortinet forticlientems
Weaknesses CWE-89
CPEs cpe:2.3:a:fortinet:forticlientems:7.4.4:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet forticlientems
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-04-14T03:55:26.806Z

Reserved: 2026-01-02T08:41:26.514Z

Link: CVE-2026-21643

Vulnrichment

Updated: 2026-02-06T14:53:24.618Z

NVD

Status : Analyzed

Published: 2026-02-06T09:15:49.330

Modified: 2026-04-14T14:21:18.670

Link: CVE-2026-21643

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-22T16:45:06Z

Weaknesses