A Vulnerability in Fortinet FortiClientEMS Could Allow for Arbitrary Code Execution

A vulnerability (CVE-2026-35616) in Fortinet FortiClientEMS versions 7.4.5–7.4.6 permits unauthenticated remote code execution via crafted network requests; successful exploitation could allow attackers to run code with the affected service account's privileges, potentially installing programs, modifying or deleting data, or creating new accounts. The report maps the issue to Initial Access (TA0001) and Exploitation of Public-Facing Application (T1190).