https://cybercrime.club/tags/endpoint-management/Recent content in Endpoint-Management on cybercrime.clubHugoen-usSat, 04 Apr 2026 18:09:00 -0400https://cybercrime.club/posts/forticlient-ems-cve-2026-35616-zero-day-api-bypass/Sat, 04 Apr 2026 18:09:00 -0400https://cybercrime.club/posts/forticlient-ems-cve-2026-35616-zero-day-api-bypass/<p>Fortinet disclosed today that a critical zero-day vulnerability in FortiClient Endpoint Management Server (EMS) is under active exploitation. Tracked as <strong>CVE-2026-35616</strong> with a CVSS score of <strong>9.1</strong>, the flaw allows unauthenticated attackers to bypass API authentication and authorization controls, leading to arbitrary code execution on affected servers.</p> <p>Emergency hotfixes are available now. If you run FortiClient EMS 7.4.5 or 7.4.6, stop reading and go patch.</p> <h2 id="what-happened">What Happened</h2> <p>Fortinet&rsquo;s PSIRT published advisory <a href="https://fortiguard.fortinet.com/psirt/FG-IR-26-099">FG-IR-26-099</a> confirming that attackers are actively exploiting CVE-2026-35616 in the wild. A public proof-of-concept exploit has appeared on GitHub, which means the window for opportunistic exploitation is wide open.</p>