Fortinet has released emergency patches for a critical security flaw, CVE-2026-35616 (CVSS score: 9.1), in FortiClient EMS that is being actively exploited in the wild. The vulnerability is a pre-authentication API access bypass leading to privilege escalation: it allows unauthenticated attackers to execute unauthorized code or commands via crafted requests. The flaw affects FortiClient EMS versions 7.4.5 through 7.4.6. A full patch is expected in version 7.4.7; Fortinet has already released a hotfix. Security researchers from Defused Cyber observed zero-day exploitation of the vulnerability earlier this week. This is part of a broader trend in which vulnerability exploits have overtaken phishing as the primary method for initial access, with Cisco Talos reporting that nearly 40% of all intrusions in Q4 2025 were due to exploited flaws.
FortiClient EMS Critical Vulnerability Under Active Attack
The Hacker News
Tuesday, April 7, 2026·5 min read·Web3
Source: thehackernews.com·This article is an original analysis by CryptoFirst based on publicly available information.
