A critical SQL injection vulnerability in Fortinet's FortiClient Enterprise Management System (EMS) is being actively exploited by attackers, allowing them to execute arbitrary code remotely without authentication. This vulnerability enables attackers to send crafted HTTP requests, gaining control over the system. The flaw is particularly concerning as it can be exploited without any user interaction, making it a high-risk threat. Fortinet has not yet disclosed the CVE number for this vulnerability, but the exploitation has begun, putting organizations using FortiClient EMS at risk. The vulnerability can be used to gain unauthorized access to sensitive data and disrupt operations. This exploitation matters to security practitioners because it highlights the need for immediate patching and monitoring of FortiClient EMS systems to prevent potential breaches1.