HIGHVulnerability
Verified
Global
CISA KEV: Fortinet FortiClient EMS — Fortinet FortiClient EMS Improper Access Control Vulnerability
Monday, April 6, 2026 at 12:00 AM UTC·Source: CISA KEV
Updated: Monday, April 6, 2026 at 03:22 PM UTC
Executive Summary
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Analysis
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Added to CISA Known Exploited Vulnerabilities catalog on 2026-04-06. Remediation due: 2026-04-09.