
Critical Fortinet FortiClient EMS flaw now exploited in attacks


A critical vulnerability in Fortinet's FortiClient EMS platform is being actively exploited by attackers, allowing them to execute arbitrary code on unpatched systems. The vulnerability, tracked as CVE-2026-21643, can be patched by upgrading to version 7.4.5 or later.

Attackers are exploiting a critical Fortinet FortiClient EMS flaw. The SQL injection vulnerability allows unauthenticated threat actors to execute arbitrary code on unpatched systems. It affects FortiClient EMS version 7.4.4 and can be patched by upgrading to version 7.4.5 or later. Over 1000 instances of FortiClient EMS are publicly exposed, with most in the United States. Fortinet has not yet updated its security advisory to reflect active exploitation. The vulnerability was discovered internally by Fortinet's Product Security team.

This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.
