Fortinet FortiClientEMS Remote Code Execution Vulnerability
Release Date: 8 Apr 2026
RISK: Extremely High Risk
TYPE: Operating Systems - Networks OS
A vulnerability has been identified in Fortinet FortiClientEMS. A remote attacker could exploit this vulnerability to trigger remote code execution and elevation of privilege on the targeted system.
Note:
CVE-2026-35616 is being exploited in the wild. An Improper Access Control vulnerability in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Impact
- Remote Code Execution
- Elevation of Privilege
System / Technologies affected
- FortiClientEMS 7.4 versions 7.4.5 through 7.4.6
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
FortiClientEMS 7.4.7 or later version
沒有留言:
發佈留言