Tech »  Topic »  Attackers Target Zero-Day Flaw in Fortinet Security Software

Attackers Target Zero-Day Flaw in Fortinet Security Software

3 hours ago   bankinfosecurity

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server Mathew J. Schwartz (euroinfosec) • April 6, 2026

Image: Shutterstock

Firewall mainstay Fortinet rushed out emergency patches Sunday while warning that hackers are actively targeting two critical flaws, including a zero-day flaw, to remotely execute code and commands.

See Also: On Demand | From Patch to Prevention: Modernizing Remediation Across Hybrid Environments

The vendor on Saturday issued a hotfix for the zero-day flaw, tracked as CVE-2026-35616, in its FortiClient Endpoint Management Server.

"Fortinet has observed this to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6," it said. The next version will also include a fix, but "in the meantime, the hotfix above is sufficient" to stop the attacks, it said.

Security teams use EMS to centrally administer endpoints such as laptops and mobile devices. The server ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE