Ethical Hacking News
Fortinet's FortiClient EMS platform has been compromised by a critical vulnerability (CVE-2026-35616) that allows attackers to bypass authentication and gain unauthorized access. The company has issued emergency patches for affected versions, and users are urged to install these hotfixes immediately to mitigate the risk.
Fortinet has announced an emergency patch for a critical vulnerability (CVE-2026-35616) in its FortiClient EMS platform. The vulnerability allows attackers to bypass authentication through an API and escalate privileges, posing a significant risk to affected systems. Fortinet has issued emergency patches for versions 7.4.5 and 7.4.6, and will include the permanent fix in version 7.4.7. The vulnerability was actively exploited before it was publicly disclosed, highlighting its severity. The CVSS score for CVE-2026-35616 is 9.1, categorizing it as a critical flaw.
Fortinet, a leading provider of cybersecurity solutions, has recently announced an emergency patch for a critical vulnerability (CVE-2026-35616) in its FortiClient EMS platform. This high-severity flaw allows attackers to bypass authentication through an API and escalate privileges, posing a significant risk to affected systems.
The vulnerability, tracked as CVE-2026-35616, was first observed by Defused researchers who noticed that threat actors were exploiting it earlier in the week. According to Defused, attackers can smuggle SQL statements through the "Site"-header, which allows them to bypass authentication and gain unauthorized access to sensitive data.
In response to this vulnerability, Fortinet has issued emergency patches for affected versions of FortiClient EMS, specifically 7.4.5 and 7.4.6. The company urges users of these versions to install the available hotfixes immediately, as the flaw is already being exploited in attacks in the wild.
Fortinet's admission that the vulnerability was actively exploited before it was publicly disclosed highlights the severity of this issue. The company has confirmed that Simo Kohonen from Defused and Nguyen Duc Anh responsibly disclosed the vulnerability after observing active exploitation of the issue as a zero-day.
The CVSS (Common Vulnerability Scoring System) score for CVE-2026-35616 is 9.1, which categorizes it as a critical flaw. This rating emphasizes the potential impact that this vulnerability could have on affected systems and data.
To mitigate the risk posed by this vulnerability, Fortinet has announced that a permanent fix will also be included in version 7.4.7 of the FortiClient EMS platform. In addition to installing available hotfixes for versions 7.4.5 and 7.4.6, users are advised to apply the patch from version 7.4.7 as soon as possible.
The discovery of this vulnerability highlights the importance of keeping software up-to-date and implementing robust security measures. As cybersecurity threats continue to evolve, it is essential for organizations to stay vigilant and proactive in protecting their systems and data from potential attacks.
In light of this development, it is crucial for users of FortiClient EMS to take immediate action to address this vulnerability. By installing the available hotfixes and applying the patch from version 7.4.7, users can significantly reduce the risk of exploitation by threat actors.
Fortinet's swift response to this critical vulnerability demonstrates the company's commitment to security and its dedication to protecting its customers' systems and data.
In conclusion, CVE-2026-35616 is a high-severity flaw in Fortinet's FortiClient EMS platform that allows attackers to bypass authentication through an API. The vulnerability has already been exploited in attacks in the wild, and Fortinet has issued emergency patches for affected versions. It is essential for users of these versions to install the available hotfixes immediately to mitigate the risk posed by this flaw.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Critical-Vulnerability-in-Fortinets-FortiClient-EMS-Platform-A-High-Severity-Flaw-Exploited-in-the-Wild-ehn.shtml
https://securityaffairs.com/190392/hacking/cve-2026-35616-fortinet-fixes-actively-exploited-high-severity-flaw.html
https://labs.cloudsecurityalliance.org/research/csa-research-note-fortinet-forticlient-ems-cve-2026-35616-20/
https://thehackernews.com/2026/04/fortinet-patches-actively-exploited-cve.html
Published: Mon Apr 6 01:36:44 2026 by llama3.2 3B Q4_K_M
