
FortiClient EMS Critical Vulnerability: Active Exploitation, Hotfix Urged

Source: CSA Alerts & Advisories (Singapore), www.csa.gov.sg
Published April 6th, 2026
Detected April 6th, 2026

Summary

The Cyber Security Agency of Singapore issued an urgent alert about CVE-2026-35616, a critical improper access control vulnerability in FortiClient EMS versions 7.4.5 through 7.4.6. The vulnerability is being actively exploited in the wild and allows unauthenticated attackers to execute unauthorized code, potentially compromising the entire server. Fortinet has released a hotfix that users must install immediately.

What changed

Fortinet released security updates addressing CVE-2026-35616, a critical improper access control vulnerability in FortiClient EMS affecting versions 7.4.5 through 7.4.6. The vulnerability enables unauthenticated attackers to execute unauthorized code or commands via crafted requests, potentially achieving full server compromise. The vulnerability is confirmed to be actively exploited in the wild.

Organizations using FortiClient EMS must immediately install the hotfix by following Fortinet's advisory (FG-IR-26-099) and update to the latest version once available. IT and security teams should prioritize patching given the active exploitation status and the severity of the potential impact, including complete system compromise.

What to do next

  1. Install the FortiClient EMS hotfix immediately for versions 7.4.5 through 7.4.6
  2. Update to the latest FortiClient EMS version once available
  3. Monitor for indicators of compromise and review Fortinet advisory FG-IR-26-099

Source document (simplified)

Alerts

Active Exploitation of Critical Vulnerability in FortiClient EMS

6 April 2026

Fortinet has released security updates to address a critical security vulnerability in FortiClient EMS. Users and administrators of affected versions are advised to install the hotfix immediately and update to the latest version once available.

Background

Fortinet has released security updates to address a critical improper access control vulnerability (CVE-2026-35616) affecting FortiClient EMS.

Impact

Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute unauthorised code or commands via crafted requests, potentially resulting in a full compromise of the FortiClient EMS server.

Known Exploitation

This vulnerability is reportedly being exploited in the wild.

Affected Products

This vulnerability affects FortiClient EMS versions 7.4.5 through 7.4.6.

Mitigation

Users and administrators of affected products are advised to install the hotfix by following the instructions provided in Fortinet’s advisory and update to the latest version once available.

References

https://thehackernews.com/2026/04/fortinet-patches-actively-exploited-cve.html

https://fortiguard.fortinet.com/psirt/FG-IR-26-099

https://nvd.nist.gov/vuln/detail/CVE-2026-35616


Source

Analysis generated by AI. Source diff and links are from the original.

Classification

Agency: CSA
Published: April 6th, 2026
Instrument: Notice
Legal weight: Binding
Stage: Final
Change scope: Substantive
Document ID: CVE-2026-35616

Who this affects

Applies to: Technology companies, Government agencies
Industry sector: 5112 Software & Technology, 9261 Government Contracting
Activity scope: Vulnerability Patching, Server Security, Endpoint Management
Threshold: FortiClient EMS versions 7.4.5 through 7.4.6
Geographic scope: Singapore (SG)

Taxonomy

Primary area: Cybersecurity
Operational domain: IT Security
Compliance frameworks: NIST CSF, NIST 800-53
Topics: Critical Infrastructure Software Vulnerability Management Network Security
