Fortinet News Articles

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Fortinet FortiClient EMS, tracked as CVE-2026-35616 (CVSS score of…...

3 days ago

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet issues emergency patches for CVE-2026-35616, a FortiClient EMS zero-day vulnerability that has been exploited in the wild.

4 days ago

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

4 days ago

CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to...

4 days ago

CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to...

4 days ago

CISA orders feds to patch exploited Fortinet EMS flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday.

4 days ago

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands.

4 days ago

CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation | eSecurity Planet

A critical FortiClient EMS vulnerability (CVE-2026-35616) is under active exploitation, allowing unauthenticated attackers to bypass API protections.

4 days ago

Fortinet CVE-2026-35616 Actively Exploited - Decipher

The company published an advisory on Saturday and urged all customers who are running affected versions of the software to install the hotfix as quickly as possible. The bug affects versions 7.4.5 and 7.4.6 of FortiClient EMS. 

4 days ago

Week In Review: Axios Npm Supply Chain Compromise, Critical FortiClient EMS Bugs Exploited - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

5 days ago

Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity

5 days ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.

5 days ago

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) - IT Security News

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-3...

6 days ago

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) - Help Net Security

Defused Cyber spotted a critical Fortinet FortiClient EMS zero-day (CVE-2026-35616) being exploited in the wild this week

6 days ago

Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild - IT Security News

Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by threat actors. Tracked as CVE-2026-35616 and carrying a CVSSv3 score of 9.1 (Critical), the flaw enables…Read more →

6 days ago

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication.

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? - Help Net Security

CVE-2025-59718, an auth bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to have persisted.

Fortinet confirms critical FortiCloud auth bypass not fully patched

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December.

Fortinet Firewalls Hit With Malicious Configuration Changes

Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall configuration files.

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf.

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls.

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) - Help Net Security

A critical vulnerability (CVE-2025-64155) in FortiSIEM has now been accompanied by publicly released proof-of-concept (PoC) exploit code.

Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks

Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code.

Fortinet FortiSIEM Vulnerability CVE-2025-64155: Critical Security Update

Discover critical Fortinet FortiSIEM vulnerability CVE-2025-64155. Learn how to update and protect your system from remote code execution attacks. Read now!