Description
An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Published: 2026-04-04
Score: 9.1 Critical
EPSS: 41.4% Moderate
KEV: Yes
Impact: Remote Code Execution
Action: Patch Now
AI Analysis

Impact

A vulnerability in Fortinet FortiClientEMS versions 7.4.5 and 7.4.6 allows an unauthenticated attacker to execute unauthorized code or commands by sending crafted requests to the EMS server. The flaw is classified as improper access control (CWE-284): a request path that should require authentication or authorization does not enforce it, so privileged functionality is reachable without credentials. The record gives no further detail of the request path. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) records network reachability with no privileges or user interaction and high impact on confidentiality, integrity and availability, which the record summarises as remote code execution. Because EMS is the server that manages the FortiClient agents enrolled to it, compromise of the EMS host is a foothold over the managed endpoints as well, not only over the server itself.

Affected Systems

Fortinet FortiClientEMS versions 7.4.5 and 7.4.6 are affected; these are the two CPEs in the record (cpe:2.3:a:fortinet:forticlientems:7.4.5 and :7.4.6). The product is the endpoint management server in Fortinet's FortiClient suite. Earlier 7.4.x releases and other branches are not listed as affected in the record, which is not the same as being confirmed unaffected; check the vendor advisory for the full affected list.

Risk and Exploitability

The CVSS vector (AV:N/PR:N/UI:N) states that the flaw is reachable over the network without credentials or user interaction, and the record's wording ("unauthenticated attacker ... crafted requests") agrees; the request path itself is not described. The 9.1 shown on this page is the CVSS 3.1 temporal score: the base vector scores 9.8 (Critical), and the temporal metrics in the recorded vector, E:F (functional exploit code exists), RL:O (official fix available) and RC:C (confirmed), reduce it to 9.1. An EPSS of 41.4%, rated Moderate on this page, means the EPSS model estimates a 41.4% probability of exploitation activity in the next 30 days. The CVE was added to the CISA KEV catalog on 2026-04-06 with a remediation due date of 2026-04-09, and the SSVC assessment changed from Exploitation: none to Exploitation: active the same day. A KEV listing means CISA has evidence of exploitation in the wild; it does not by itself mean a public exploit is available.

Generated by OpenCVE AI on April 28, 2026 at 21:44 UTC.

Remediation

Vendor Solution

Upgrade to upcoming FortiClientEMS version 8.0.0 or above
Upgrade to FortiClientEMS version 7.4.7 or above


OpenCVE Recommended Actions

  • Upgrade FortiClientEMS to version 7.4.7 or later; this is the fix the vendor lists as currently available
  • Alternatively, move to FortiClientEMS 8.0.0 or later once it ships; the vendor lists 8.0.0 as upcoming, so it is not a substitute for 7.4.7 today
  • Until the upgrade is applied, restrict which networks can reach the FortiClientEMS server's management and API ports, through segmentation or firewall rules; the record names no configuration workaround, so this limits exposure rather than removing the flaw
  • Because the CVE is in CISA KEV with an SSVC Exploitation value of active, treat any EMS server that was reachable from untrusted networks while running 7.4.5 or 7.4.6 as potentially compromised and review it alongside patching

Generated by OpenCVE AI on April 28, 2026 at 21:44 UTC.
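Applying the actions above to a fleet means deciding, per EMS server, whether it is in the affected range, already on a fixed release, or outside what the record lists, and how urgent it is given the KEV due date. The script below is an added example, not OpenCVE or Fortinet code. The affected versions, fixed versions and KEV due date are taken from this page; the inventory, the hostnames, the version strings and the `exposed` field (meaning the server was reachable from untrusted networks) are constructed for illustration.

```python
"""Triage a FortiClientEMS inventory against CVE-2026-35616 (added example).

AFFECTED, FIXED_FROM and KEV_DUE come from the record on this page; the
INVENTORY and its field names are constructed sample data.
"""
from datetime import date

AFFECTED = {(7, 4, 5), (7, 4, 6)}        # the two CPEs in the record
FIXED_FROM = [(7, 4, 7), (8, 0, 0)]      # vendor solution: 7.4.7+, or 8.0.0+ when released
KEV_DUE = date(2026, 4, 9)               # CISA KEV dueDate

# Constructed sample inventory; "exposed" = reachable from untrusted networks.
INVENTORY = [
    {"host": "ems-prod-01", "version": "7.4.6", "exposed": True},
    {"host": "ems-prod-02", "version": "7.4.5 build 1820", "exposed": False},
    {"host": "ems-lab-01", "version": "7.4.7", "exposed": False},
    {"host": "ems-legacy", "version": "7.2.10", "exposed": True},
]


def parse_version(text):
    """'7.4.6' or '7.4.6 build 1820' -> (7, 4, 6); anything else is rejected."""
    core = text.strip().split()[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiClientEMS version string: {text!r}")
    return tuple(int(p) for p in parts)


def classify(version):
    """'affected', 'fixed', or 'not listed' (neither affected nor fixed in the record)."""
    v = parse_version(version)
    if v in AFFECTED:
        return "affected"
    for fix in FIXED_FROM:
        # At or past the fix within its own branch counts as fixed.
        if v[:2] == fix[:2] and v >= fix:
            return "fixed"
    if v >= FIXED_FROM[-1]:
        return "fixed"           # any branch at or beyond 8.0.0
    return "not listed"          # e.g. 7.4.4 or 7.2.x: not in the record either way


def triage(inventory, today):
    """One row per host: (host, version, status, action)."""
    rows = []
    for entry in inventory:
        status = classify(entry["version"])
        if status == "affected":
            action = "patch now"
            if today > KEV_DUE:
                action += " (past KEV due date)"
            if entry["exposed"]:
                # KEV means exploitation in the wild: an exposed, unpatched server
                # needs a compromise review, not just an upgrade.
                action += "; review for compromise"
        elif status == "fixed":
            action = "none"
        else:
            action = "confirm status against the vendor advisory"
        rows.append((entry["host"], entry["version"], status, action))
    return rows


if __name__ == "__main__":
    for row in triage(INVENTORY, date.today()):
        print("%-14s %-18s %-11s %s" % row)
```

The "not listed" bucket is deliberate: a version the record neither names as affected nor as fixed should be confirmed against the vendor advisory rather than assumed safe, and the classifier refuses version strings it cannot parse instead of guessing.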

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 22:00:00 +0000

Type Values Removed Values Added
Title Unauthenticated Remote Code Execution via Improper Access Control in FortiClientEMS 7.4.5–7.4.6

Wed, 22 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Remote Code Execution via Improper Access Control in FortiClientEMS 7.4.5–7.4.6

Wed, 22 Apr 2026 07:45:00 +0000

Type Values Removed Values Added
Title Unauthenticated Remote Code Execution in FortiClientEMS 7.4.5-7.4.6

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Title Unauthenticated Remote Code Execution in FortiClientEMS 7.4.5-7.4.6

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 06 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2026-04-06T00:00:00+00:00', 'dueDate': '2026-04-09T00:00:00+00:00'}


Sat, 04 Apr 2026 11:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 04 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Description An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
First Time appeared Fortinet
Fortinet forticlientems
Weaknesses CWE-284
CPEs cpe:2.3:a:fortinet:forticlientems:7.4.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlientems:7.4.6:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet forticlientems
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-04-21T08:35:09.619Z

Reserved: 2026-04-03T23:49:34.986Z

Link: CVE-2026-35616

Vulnrichment

Updated: 2026-04-04T10:53:23.244Z

NVD

Status : Analyzed

Published: 2026-04-04T01:16:39.720

Modified: 2026-04-06T18:12:57.863

Link: CVE-2026-35616

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T21:45:26Z

Weaknesses