More than 2,000 internet-exposed FortiClient EMS servers raise concern as Fortinet confirms active exploitation

More than 2,000 FortiClient EMS instances appear reachable from the public internet at a time when Fortinet has confirmed in-the-wild exploitation of a critical FortiClient EMS flaw. Fortinet’s advisory says CVE-2026-35616 is an improper access control issue that may let an unauthenticated attacker execute unauthorized code or commands through crafted requests. The exposure matters because […] The post More than 2,000 internet-exposed FortiClient EMS servers raise concern as Fortinet confirms active exploitation appeared first on VPN Central.