Exploitation of Critical Fortinet FortiClient EMS Flaw Begins
The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests.
Threat actors have started exploiting a critical-severity vulnerability in Fortinet FortiClient EMS, threat intelligence firm Defused Cyber warns.
A centralized management server, FortiClient EMS allows organizations to deploy, configure, and monitor FortiClient endpoints across their environments. It also supports multi-tenant deployments, enabling the management of multiple customer sites from a single instance.
Tracked as CVE-2026-21643, the now-exploited bug is described as an SQL injection issue that can be exploited remotely, without authentication, via specially crafted HTTP requests.
Source: https://www.securityweek.com/exploitation-of-critical-fortinet-forticlient-ems-flaw-begins/
Related breach coverage
- Critical SmarterMail Vulnerability Exploited in Ransomware Attacks (SecurityWeek, 2026-02-06)
The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests.
- Fortinet Rushes Emergency Fixes for Exploited Zero-Day (SecurityWeek, 2026-04-06)
The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely.
- Fortinet Patches Critical FortiSandbox Vulnerabilities (SecurityWeek, 2026-04-15)
The flaws could allow attackers to bypass authentication or execute arbitrary code or commands via HTTP requests.
- Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week (SecurityWeek, 2025-11-19)
An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system.
