Fortinet Identifies Remote Code Execution Vulnerability in FortiClientEMS

Fortinet has identified a vulnerability in its FortiClientEMS software that can allow attackers to execute arbitrary code remotely, elevate privileges, and bypass security policies. The flaw, tracked as CVE-2026-35616, affects FortiClientEMS versions 7.4.x from 7.4.5 onward that have not received the latest security patches. According to Fortinet, the vulnerability is being actively exploited. Users of the affected versions are urged to apply the security patches detailed in Fortinet’s security bulletin FG‑IR‑26‑099, released on 4 April 2026. The bulletin provides instructions for updating the software to mitigate the risk. For more information, consult the Fortinet bulletin or the CVE entry. Operators of affected systems should also enforce network perimeter controls to mitigate potential exploitation.

Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.

