Critical Fortinet Forticlient EMS flaw now exploited in attacks

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.

Fortinet hit by another exploited cybersecurity flaw

Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQL injection vulnerability in the cybersecurity company’s management server. The vulnerability, (CVE-2026-21643), allows unauthenticated threat actors to execute arbitrary code on unpatched systems via specifically-crafted HTTP requests. These low-complexity attacks target the FortiClient End…

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient EMS is under active exploitation.

Critical Fortinet Forticlient EMS Vulnerability Exploited in Attacks

A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS), tracked as CVE-2026-21643, is actively being exploited in the wild. Threat actors have been leveraging this flaw in attacks starting four days ago, despite it not yet appearing on the CISA Known Exploited Vulnerabilities catalog. The security flaw affects FortiClient EMS version 7.4.4, […] The post Critical Fortinet Forticlient EMS Vulnerability Ex…