Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

2026-04-05

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

Fortinet has released emergency patches for CVE-2026-35616, a critical pre-authentication API access bypass vulnerability in FortiClient EMS actively exploited in the wild.

•CVE-2026-35616 (CVSS 9.1) is an improper access control flaw (CWE-284) in FortiClient EMS versions 7.4.5 and 7.4.6, allowing unauthenticated remote code execution via crafted API requests.
•Zero-day exploitation was first recorded by watchTowr honeypots on March 31, 2026, and confirmed by Defused Cyber earlier this week.
•A hotfix is now available for affected versions; a full fix is expected in the upcoming version 7.4.7.
•This is the second critical unauthenticated vulnerability in FortiClient EMS within weeks, following CVE-2026-21643 (CVSS 9.1), which is also under active exploitation.
•

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

April 05, 2026

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

April 04, 2026