Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
The Hacker News • • business
Key Points:
- Fortinet has released urgent patches for a critical vulnerability (CVE-2026-35616) in FortiClient EMS versions 7.4.5 to 7.4.6, which has been actively exploited in the wild and allows unauthenticated attackers to bypass API access controls and escalate privileges.
- The flaw, with a CVSS score of 9.1, enables attackers to execute unauthorized code or commands via crafted requests, posing a severe security risk to affected users.
- A hotfix is available now, with a full patch expected in version 7.4.7, and Fortinet strongly urges customers to apply updates immediately to mitigate ongoing attacks.
- This vulnerability follows another critical zero-day (CVE-2026-21643) in FortiClient EMS recently exploited, raising concerns about multiple unauthenticated security issues in a short period.
- Security experts warn that attackers are exploiting holiday periods like Easter to maximize impact, emphasizing the need for urgent emergency response and immediate patching by organizations using FortiClient EMS.
