EMS showing FortiGuard Outbreak Detection false alarm
A macOS device running FortiClient 7.2.12 is showing this in the EMS:
FortiGuard Outbreak Detections
Iran-linked Cyber Attacks(compromised)
The EMS is very hard to use to get any more details than that. I eventually found the "FortiGuard Outbreak Detection Rule" called "Iran-linked Cyber Attacks" and found only one macOS CVE: https://www.cve.org/CVERecord?id=CVE-2025-13223
The CVE states that the vulnerability is in "Google Chrome prior to 142.0.7444.175". The device is running 147.0.7727.138.
Why is FortiClientEMS showing this false alarm?
(At this point I am not trusting the EMS "FortiGuard Outbreak Detections" since it is not accurate.)
