
"An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests."
"Fortinet has observed this to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6."
"Successful exploitation of the flaw could allow an unauthenticated attacker to sidestep API authentication and authorization protections, and execute malicious code or commands via crafted requests."
"The timing of the ramp-up of in-the-wild exploitation of this zero-day is likely not coincidental."
Fortinet has issued out-of-band patches for a critical vulnerability in FortiClient EMS, tracked as CVE-2026-35616, with a CVSS score of 9.1. This pre-authentication API access bypass can lead to privilege escalation, allowing unauthorized code execution via crafted requests. The flaw affects versions 7.4.5 and 7.4.6; a hotfix is available now, and a full patch is expected in version 7.4.7. Exploitation attempts were first recorded on March 31, 2026, and, given the severity of the vulnerability and its confirmed in-the-wild exploitation, users are urged to apply the hotfix or update to the fixed version promptly.
Read at The Hacker News