New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

"This is a zero-day. While there is no full patch, we have to give credit where credit is due: Fortinet has rushed out a hotfix over a holiday weekend, which reflects how urgently the company is treating this."
"watchTowr's Attacker Eye honeypot infrastructure is currently capturing active exploitation of CVE-2026-35616. Attacker Eye sensors first captured exploitation activity on March 31st, days before today's public disclosure, in what appeared to be early probes ahead of a full ramp-up."
"FortiClient EMS should be treated as critical management infrastructure, not just another endpoint tool. It sits in a highly privileged position within the enterprise, responsible for managing, configuring, and enforcing security controls across endpoint fleets."
Fortinet revealed a critical vulnerability in FortiClient EMS that is actively being exploited. This flaw enables unauthenticated attackers to bypass API protections and execute unauthorized commands. Fortinet has issued a hotfix in response to the urgency of the situation. The vulnerability is significant as FortiClient EMS is crucial for managing security across endpoint fleets. If compromised, attackers could disrupt endpoint protections and execute commands at scale, posing a serious risk to enterprise security.
Read at TechRepublic