CTI Swarm
Zurück zu allen Deep Dives
TENABLE BLOG

CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild

Strategische Zusammenfassung

The vulnerability is being actively exploited in the wild, requiring immediate patching priority.

Volltext

Title: CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild

URL Source: https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the

Published Time: 2026-04-06T10:21:05-0400

Markdown Content: # CVE-2026-35616 Fortinet FortiClientEMS zero-day exploited | Tenable® ![Image 1](https://t.teads.tv/track?action=pageView&env=js-web&tag_version=8.9.1_dfac178&provider=tag&buyer_pixel_id=14078&referer=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&user_session_id=864de89e-31e8-4820-8db2-c632330011f2&hasConsent=true&cht=timeout)![Image 2](https://t.teads.tv/track?action=conversion&env=js-web&tag_version=8.9.1_dfac178&provider=tag&conversion_type=Search&buyer_pixel_id=14078&referer=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&user_session_id=864de89e-31e8-4820-8db2-c632330011f2&hasConsent=true&cht=timeout) * [Skip to Main Navigation](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the#site-nav) * [Skip to Main Content](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the#block-tenable-content) * [Skip to Footer](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the#site-footer)

[Tenable](https://www.tenable.com/)[Platform](https://www.tenable.com/products/tenable-one)[Products](https://www.tenable.com/products)[Solutions](https://www.tenable.com/solutions)[Why Tenable](https://www.tenable.com/why-tenable)[Resources](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the)[Partners](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the)[Support](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the)[Company](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the)

[contact_icon](https://www.tenable.com/about-tenable/contact-tenable)

[](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the#)

[English](https://www.tenable.com/?tns_languageOverride=true)[Deutsch](https://de.tenable.com/?tns_languageOverride=true)[Français (France)](https://fr.tenable.com/?tns_languageOverride=true)[Español (América Latina)](https://es-la.tenable.com/?tns_languageOverride=true)[Português (Brasil)](https://pt-br.tenable.com/?tns_languageOverride=true)[Italiano](https://it.tenable.com/?tns_languageOverride=true)

[简体中文](https://www.tenablecloud.cn/?tns_languageOverride=true)[繁體中文](https://zh-tw.tenable.com/?tns_languageOverride=true)[日本語](https://jp.tenable.com/?tns_languageOverride=true)[한국어](https://kr.tenable.com/?tns_languageOverride=true)[العربية](https://ar.tenable.com/?tns_languageOverride=true)

[](https://www.tenable.com/blog/cve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the#)[Tenable Product Login](https://cloud.tenable.com/)[Community & Support](https://connect.tenable.com/)

[Try](https://www.tenable.com/try)[Buy](https://www.tenable.com/buy)

[Try](https://www.tenable.com/products)

[](https://www.tenable.co […]

[… 76,924 Zeichen — nächste Zone: keyword-dense paragraphs …]

| **CVE** | **Description** | **Published** | **Tenable Blog** | | --- | --- | --- | --- | | [CVE-2025-64155](https://www.tenable.com/cve/CVE-2025-64155) | Fortinet FortiSIEM Command Injection Vulnerability | January 2026 | [CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability](https://www.tenable.com/blog/cve-2025-64155-exploit-code-released-for-critical-fortinet-fortisiem-command-injection) | | [CVE-2025-64446](https://www.tenable.com/cve/CVE-2025-64446) | Fortinet FortiWeb Path Traversal Vulnerability | November 2025 | [CVE-2025-64446: Fortinet FortiWeb Zero-Day Path Traversal Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2025-64446-fortinet-fortiweb-zero-day-path-traversal-vulnerability-exploited-in-the-wild) | | [CVE-2025-25256](https://www.tenable.com/cve/CVE-2025-25256) | Fortinet FortiSIEM Command Injection Vulnerability | August 2025 | [CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability](https://www.tenable.com/blog/cve-2025-25256-proof-of-concept-released-for-critical-fortinet-fortisiem-command-injection) | | [CVE-2025-32756](https://www.tenable.com/cve/CVE-2025-32756) | Fortinet FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera Arbitrary Code Execution Vulnerability | May 2025 | [CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild](https://www.tenable.com/blog/cve-2025-32756-zero-day-vulnerability-in-multiple-fortinet-products-exploited-in-the-wild) | | [CVE-2024-55591](https://www.tenable.com/cve/CVE-2024-55591) | Fortinet Authentication Bypass in FortiOS and FortiProxy | January 2025 | [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild) | | [CVE-2024-21762](https://www.tenable.com/cve/CVE-2024-21762) | Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd | February 2024 | [CVE-2024-21762: Critical Fortinet FortiOS Out-of-Bound Write SSL VPN Vulnerability](https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability) | | [CVE-2023-27997](https://www.tenable.com/cve/CVE-2023-27997) | FortiOS and FortiProxy Heap-Based Buffer Overflow Vulnerability | June […]

[… 76,482 Zeichen — nächste Zone: tail …]

By submitting your information on this page, Tenable may send you email communications regarding its products and services. You may opt out of receiving these communications at any time by using the unsubscribe link located in the footer of the emails delivered to you. You can also manage your Tenable email preferences by visiting the [Subscription Management](https://info.tenable.com/SubscriptionManagement.html) Page.

Tenable will only process your personal data in accordance with its [Privacy Policy](https://www.tenable.com/privacy-policy).

Submit

### Thank You

Thank you for your interest in Tenable Patch Management. A representative will be in touch soon.

![Image 21](https://id.rlcdn.com/464526.gif)

![Image 22](https://bat.bing.com/action/0?ti=4022390&tm=gtm002&Ver=2&mid=59ce8cdf-4919-464c-876c-86a69e917029&bo=1&sid=6e741520368911f19cc6fdce2a7c00f9&vid=6e7469a0368911f19e15a7a18411d793&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=CVE-2026-35616%20Fortinet%20FortiClientEMS%20zero-day%20exploited%20%7C%20Tenable%C2%AE&p=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&r=&lt=3178&evt=pageLoad&sv=2&cdb=AQAS&rn=722750)

![Image 23](https://verifi.pdscrb.com/tag?action=view&user_id=5001cc37-3f20-4e8b-9b9d-fc0dc04967a4&advertiser=tenable&referrer=_&session_referrer=_&session_landing_url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&device_id=pscrb_3680dd51-2ffa-4aab-9824-8482413075ec&first_visited_at=1776009930467&stid=&ipv4=34.96.49.37&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&event_url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fcve-2026-35616-fortinet-forticlientems-improper-access-control-vulnerability-exploited-in-the&source=js-tag+v1.0.8&cachebust=1776009931752)