Fortinet has released out-of-band patches to fix a serious security hole in FortiClient EMS. This article explores the vulnerable FortiClient versions. The vulnerability is tracked as CVE-2026-35616.

It is a pre-authentication API access bypass that allows for privilege escalation. Fortinet has confirmed that this exploit is out in the wild and tells customers running vulnerable versions of FortiClient EMS 7.4.5 and 7.4.6 to install the hotfix right away. This is the second time in just a few weeks that an unauthenticated vulnerability has been found in FortiClient EMS. Benjamin Harris, the CEO of watchTowr, says that the timing of the exploitation of this zero-day is probably not a coincidence.

He says that the time between the start of an attack and its discovery can range from a few hours to a few days.

"Attackers have already gained the upper hand," Harris says. "It's no longer just a worry for tomorrow; it's now an immediate priority. Organizations that use FortiClient EMS and are connected to the internet need to act right away."

Version 7.5.7 will completely fix the problem; in the meantime, patch 7.7.1 fixes it right away.