Summary
Fortinet has released emergency hotfix for an actively exploited critical zero-day vulnerability (CVE-2026-35616) in FortiClient EMS that allows unauthenticated attackers to bypass API security and run arbitrary commands.
Take Action:
If you use FortiClient EMS versions 7.4.5 or 7.4.6, apply Fortinet's emergency hotfix ASAP. It's being actively exploited andcan give attackers full control of your endpoint management server. While you're at it, check your EMS API logs for any signs of unauthorized access or unusual command execution that might indicate you've already been compromised.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)