Multiple agencies worldwide issue alerts for CVE-2026-35616 as attackers target enterprise networks.
CISA published a critical advisory for CVE-2026-35616, an improper access control vulnerability in Fortinet FortiClientEMS versions 7.4.5 through 7.4.6 carrying a CVSS score of 9.1. The agency added the vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Coordinated alerts from CSA Singapore, CERT-Bund Germany, and CERT-FR France warn that the vulnerability allows unauthenticated attackers to execute arbitrary code and gain full system control.
Organizations running FortiClientEMS should apply patches immediately and audit network access logs for indicators of compromise.
Sources
Fortinet FortiClientEMS Improper Access Control Vulnerability
Fortinet FortiClient EMS Improper Access Control Vulnerability Added to KEV Catalog
FortiClient EMS Critical Vulnerability Active Exploitation Hotfix Urged
Critical FortiClient EMS Vulnerability Enables Remote Code Execution
FortiClientEMS Vulnerability CVE-2026-35616 Actively Exploited