CISA Warns: New Critical Vulnerability in Fortinet and Microsoft
The CISA agency adds six actively exploited flaws to its KEV catalog, including a critical SQL injection vulnerability in Fortinet.

The United States Cybersecurity and Infrastructure Security Agency (CISA) has taken a firm step in protecting digital assets by adding six new security flaws to its Known Exploited Vulnerabilities (KEV) catalog. This update, released last Monday, is in response to clear evidence that malicious actors are actively exploiting these flaws to compromise systems worldwide.
Among the additions are flaws in software from tech giants like Fortinet, Microsoft, and Adobe, underscoring the persistent threat faced by both government agencies and the private sector from any unmitigated vulnerability.
Maximum Alert: The Critical Fortinet Case
The most concerning point of this update is the inclusion of CVE-2026-21643, a flaw detected in Fortinet FortiClient EMS. This error has been rated with a CVSS score of 9.1, placing it in the critical risk category. It is an SQL injection vulnerability that could allow an unauthenticated attacker to execute unauthorized code or commands through specifically crafted requests.
The severity of this finding lies in the popularity of Fortinet solutions in corporate environments. A successful hack exploiting this breach would allow attackers to gain an initial foothold within protected networks, facilitating lateral movement and the exfiltration of sensitive data.
Diversification of Attacks and the Risk of Ransomware
In addition to Fortinet, the KEV catalog now includes flaws in products from Microsoft and Adobe. Inclusion on this list is no small matter; it implies that exploitation is no longer theoretical but is happening in the real world. Historically, these types of weaknesses are the preferred entry vector for groups deploying ransomware, who seek to encrypt organizations' information to demand multi-million dollar payments.
"The identification and immediate patching of these vulnerabilities are the most effective defense against the cyberespionage and digital extortion campaigns we see today," state industry experts.
It is crucial to understand that these attacks are often combined with other tactics. For example, in other Cybersecurity: APT37 Uses Social Engineering to Launch its Hack scenarios, we observe how advanced persistent threat groups exploit any technical oversight to infiltrate.
Urgent Measures for System Administrators
CISA's directive mandates U.S. federal agencies to apply the corresponding patches within strict deadlines, but the recommendation extends to all organizations globally. To mitigate the risk, the following actions are suggested:
- Immediate Audit: Identify all instances of
FortiClient EMS, Microsoft, and Adobe that match the affected versions. - Priority Update: Apply the official security patches provided by the manufacturers immediately.
- Network Monitoring: Analyze logs for SQL injection patterns or unusual traffic that suggests the breach has already been exploited.
Modern cybersecurity allows no waiting times. With the emergence of critical flaws like CVE-2026-21643, the window of opportunity for defenders closes rapidly against increasingly automated attackers.
Source: The Hacker News
Related articles
11 de julio de 2026
Condemna històrica: membre de la banda Ryuk ransomware admet la seva culpabilitat
Un ciutadà armeni es declara culpable als EUA pel desplegament de ransomware Ryuk, afrontant una possible sentència de 15 anys de presó.
11 de julio de 2026
Historic Conviction: Ryuk Ransomware Gang Member Admits Guilt
An Armenian national pleads guilty in the U.S. for deploying Ryuk ransomware and faces a potential 15-year prison sentence.
11 de julio de 2026
Condena histórica: miembro de la banda Ryuk ransomware admite su culpa
Un ciudadano armenio se declara culpable en EE. UU. por el despliegue de ransomware Ryuk, enfrentando una posible sentencia de 15 años de prisión.
10 de julio de 2026
Hackers exploten Microsoft Entra: Nova vulnerabilitat en passkeys
Un grup d'actors maliciosos utilitza enginyeria social per comprometre comptes de Microsoft 365 mitjançant falsos registres de passkeys a Entra.
Loading comments...