DVIUS Intelligence Summary: Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS - Analysis from Thehackernews.
Fortinet has released out-of-band patches for a critical security flaw impacting
FortiClient EMS that it said has been exploited in the wild.
The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has
been described as a pre-authentication API access bypass leading to privilege
escalation.
"An improper access control vulnerability [CWE-284] in FortiClient EMS may allow
an
DVIUS AI Assessment: This incident highlights the ongoing evolution of cyber threats. Organizations should prioritize patch management, employee awareness training, and multi-factor authentication to mitigate similar risks. For full details, refer to the original source.