An Improper Access Control vulnerability (CVE-2026-35616, CVSS 9.8 CRITICAL) in Fortinet FortiClientEMS allows a remote attacker to trigger remote code execution and privilege escalation. Affected versions are FortiClientEMS 7.4.5 and 7.4.6. The vendor has released a fix in FortiClientEMS version 7.4.7.
A vulnerability has been identified in Fortinet FortiClientEMS. A remote attacker could exploit this vulnerability to trigger remote code execution and elevation of privilege on the targeted system. Note: CVE-2026-35616 is being exploited in the wild. An Improper Access Control vulnerability in... Impact Remote Code Execution Elevation of Privilege System / Technologies affected FortiClientEMS 7.4 versions 7.4.5 through 7.4.6 Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: FortiClientEMS 7.4.7 or later version