Close Menu
    What's Hot

    Mass Protests Across Ukraine Oppose Ouster of Defense Minister

    Opinion | ICE Is Out of Control. Here’s What to Do About It.

    The Army Veteran Killed Outside His ‘Trump House’

    Facebook X (Twitter) Instagram
    Trending
    • Mass Protests Across Ukraine Oppose Ouster of Defense Minister
    • Opinion | ICE Is Out of Control. Here’s What to Do About It.
    • The Army Veteran Killed Outside His ‘Trump House’
    • Sam Neill’s Cause of Death Was Pneumonia, Actor’s Agent Confirms
    • What to Know About Mykhailo Fedorov, Ukraine’s Ousted Defense Minister
    • Astronomers Have Found a Sugar Molecule in Deep Space for the First Time Ever
    • US inflation fell more than expected to 3.5% in June as petrol prices tumbled
    • TSMC Adds $100 Billion to Its U.S. Spending Plan
    interluknewsinterluknews
    • Home
    • Business
      • Corporate News
      • Industry Insights
      • Startups & Entrepreneurship
      • Technology & Innovation
    • Economy
      • Economic Policy
      • Financial Analysis
      • Inflation & Interest Rates
      • Trade & Markets
    • Global
      • Conflicts & Security
      • Diplomacy
      • Global Trends
      • International Affairs
    • Lifestyle
      • Fashion
      • Food & Dining
      • Personal Development
      • Travel
    • Opinion
      • Columns
      • Editorials
      • Expert Opinions
      • Reader Voices
    • More
      • Politics
        • Elections
        • Government & Policy
        • International Relations
        • Political Analysis
      • Sports
        • Cricket
        • Football / Soccer
        • International Sports
        • Local Sports
      • Technology
        • Artificial Intelligence
        • Cybersecurity
        • Gadgets & Reviews
        • Tech News
      • South Africa News
    Facebook X (Twitter) Instagram
    interluknewsinterluknews
    Cybersecurity

    Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

    adminBy adminApril 5, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest Copy Link Telegram LinkedIn Tumblr Email
    Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Ravie LakshmananApr 05, 2026Vulnerability / API Security

    Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

    Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild.

    The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation.

    “An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests,” Fortinet said in a Saturday advisory.

    The issue affects FortiClient EMS versions 7.4.5 through 7.4.6. It’s expected to be fully patched in the upcoming version 7.4.7, although the company has released a hotfix to address it. 

    Cybersecurity

    Simo Kohonen from Defused Cyber and Nguyen Duc Anh have been credited with discovering and reporting the flaw. In a post on X, Defused Cyber said it observed zero-day exploitation of CVE-2026-35616 earlier this week. According to watchTowr, exploitation attempts against CVE-2026-35616 were first recorded against its honeypots on March 31, 2026.

    Successful exploitation of the flaw could allow an unauthenticated attacker to sidestep API authentication and authorization protections, and execute malicious code or commands via crafted requests. 

    “Fortinet has observed this to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6,” the company added.

    The development comes merely days after another recently-patched, critical vulnerability in FortiClient EMS (CVE-2026-21643, CVSS score: 9.1) came under active exploitation. It’s currently not known if the same threat actor is behind the exploitation of both the flaws, and if they are being weaponized together.

    Given the severity of the vulnerabilities, users are advised to update their FortiClient EMS to the latest version as soon as possible.

    “The timing of the ramp-up of in-the-wild exploitation of this zero-day is likely not coincidental,” watchTowr CEO and founder Benjamin Harris told The Hacker News.

    Cybersecurity

    “Attackers have shown repeatedly that holiday weekends are the best time to move. Security teams are at half strength, on-call engineers are distracted, and the window between compromise and detection stretches from hours to days. Easter, like any other holiday, represents opportunity.”

    “What is disappointing is the bigger picture. This is the second unauthenticated vulnerability in FortiClient EMS in a matter of weeks.”

    “So, once again, organizations running FortiClient EMS and exposed to the Internet should treat this as an emergency response situation, not something to pick up on Tuesday morning. Apply the hotfix. Attackers already have a head start.”

    Actively CVE202635616 EMS Exploited FortiClient Fortinet Patches
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Previous ArticleWhy employees are giving up remote work and moving back to urban centers
    Next Article Illinois rues missed shots after another Final Four loss
    admin
    • Website

    Related Posts

    OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

    July 16, 2026

    148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

    July 16, 2026

    Closing the Approval Gap in AI-Era Ad Tech

    July 16, 2026
    Leave A Reply Cancel Reply

    Demo
    Latest Posts

    Mass Protests Across Ukraine Oppose Ouster of Defense Minister

    Opinion | ICE Is Out of Control. Here’s What to Do About It.

    The Army Veteran Killed Outside His ‘Trump House’

    Sam Neill’s Cause of Death Was Pneumonia, Actor’s Agent Confirms

    Latest Posts

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo

    We are a digital news platform delivering timely, accurate, and insightful coverage of politics, global affairs, business, economy, sports, and more. Our mission is to keep readers informed with reliable news, clear analysis, and stories that truly matter.
    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Type above and press Enter to search. Press Esc to cancel.

    Powered by
    ...
    ►
    Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
    None
    ►
    Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
    None
    ►
    Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
    None
    ►
    Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
    None
    ►
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    None
    Powered by