Summary

Fortinet has issued out-of-band patches to address a critical vulnerability in FortiClient EMS, identified as CVE-2026-35616. This flaw, which has been actively exploited, allows for privilege escalation via a pre-authentication API access bypass.

Key Points

• Fortinet released patches for CVE-2026-35616, a critical vulnerability in FortiClient EMS.
• The vulnerability has a CVSS score of 9.1, indicating its severity.
• CVE-2026-35616 is a pre-authentication API access bypass that can lead to privilege escalation.
• The vulnerability is categorized under CWE-284, indicating improper access control.
• Fortinet confirmed that this vulnerability has been exploited in the wild.

Analysis

The release of patches for CVE-2026-35616 by Fortinet underscores the critical nature of this vulnerability, particularly given its active exploitation. The high CVSS score of 9.1 highlights the potential impact on affected systems, making it imperative for organizations using FortiClient EMS to apply the patches promptly to mitigate risks associated with privilege escalation.

Conclusion

IT professionals should prioritize the immediate deployment of the patches provided by Fortinet to secure FortiClient EMS installations. Regular monitoring and updating of security systems are essential to protect against such critical vulnerabilities.