Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited
ATT&CK techniques detected
T1190Exploit Public-Facing Application
99%
"provide to company device fleets. this can be weaponized in ransomware, cyber espionage or destructive attacks. in 2024, fortinet was forced to patch a critical sql injection vulnerability in forticlientems which could have enabled remote code execution ( rce ) on targeted server…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
99%
"entirely, unauthorized code or commands via crafted requests, ” defused said in a social media post. second critical flaw in a week defused also discovered another critical vulnerability in the forticlient ems platform last week, also being exploited in the wild. cve - 2026 - 216…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
96%
"fortinet releases emergency patch after forticlient ems bug is exploited fortinet customers have been urged to update their forticlient enterprise management server ( ems ) products after the vendor was forced to issue an emergency patch over the weekend. cve - 2026 - 35616 is a …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced