A critical vulnerability in FortiClient Enterprise Management Server, identified as CVE-2026-35616, is being actively exploited by attackers, prompting Fortinet to release an emergency patch1. The flaw affects FortiClient EMS, a component of Fortinet's security solutions, and its exploitation can have significant consequences for affected systems. Fortinet's swift response to the vulnerability underscores the severity of the issue and the need for prompt action to mitigate potential damage. The emergency update is available for immediate deployment, and administrators are advised to apply the patch as soon as possible to prevent exploitation. This vulnerability highlights the importance of staying up-to-date with the latest security patches, especially for critical systems. The active exploitation of this flaw means that practitioners must prioritize patching to prevent potential breaches, making this update a critical task for security teams to undertake immediately.
New FortiClient EMS flaw exploited in attacks, emergency patch released
⚠️ Critical Alert
Why This Matters
Security developments involving Fortinet add to the evolving threat landscape — assess relevance to your environment.
References
- Lawrence Abrams. (2026, April 5). New FortiClient EMS flaw exploited in attacks, emergency patch released. *BleepingComputer*. https://www.bleepingcomputer.com/news/security/new-fortinet-forticlient-ems-flaw-cve-2026-35616-exploited-in-attacks/
Original Source
BleepingComputer
Read original →