Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616
Fortinet has deployed an emergency hotfix for CVE-2026-35616, a CVSS 9.1 improper access control flaw in FortiClient Endpoint Management Server that allows una…
Published on MyPrivateClaw
Apr 8, 2026, 9:25 AM UTC
Coverage date
Apr 6, 2026
Last updated
Apr 8, 2026, 9:25 AM UTC
News summary
Another Fortinet Zero-Day Under Active Exploitation

Fortinet has released an emergency hotfix for CVE-2026-35616, a critical vulnerability in FortiClient Endpoint Management Server (EMS) that has been confirmed as exploited in the wild. The flaw carries a CVSS score of 9.1 and allows an unauthenticated attacker to execute arbitrary code or commands through crafted HTTP requests. The vulnerability is classified as an improper access control weakness (CWE-284).

Fortinet's security advisory confirmed active exploitation and urged customers to immediately apply the hotfix for FortiClient EMS versions 7.4.5 and 7.4.6. A permanent fix will be included in the upcoming FortiClientEMS 7.4.7 release.

Pattern of Fortinet Exploitation

This is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild shortly after — or even before — public disclosure. Fortinet products,…