Fortinet patched a critical SQL injection vulnerability (CVE-2023-48788) in its FortiClient EMS software, allowing unauthenticated attackers to achieve remote code execution with SYSTEM privileges.