U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog
Summary: The U.S. CISA has added the critical vulnerability CVE-2026-35616 (CVSS 9.1) in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog. The flaw allows attackers to bypass authentication via an API and escalate privileges. Fortinet has released emergency patches and confirmed the vulnerability is being exploited. CISA requires federal agencies to fix it by April 9.

2026-4-7 08:59:9 Author: securityaffairs.com

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Fortinet FortiClient EMS, tracked as CVE-2026-35616 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog.

This week, Fortinet released out-of-band patches for a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS 9.1), which is already being exploited in attacks in the wild. The flaw is an improper access control issue that allows attackers to bypass authentication through an API and escalate privileges, posing a serious risk to affected systems.

“An Improper Access Control vulnerability [CWE-284] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests,” reads the advisory published by Fortinet. “Fortinet has observed this to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6.”

Fortinet confirmed active exploitation of the flaw and urges users of FortiClient EMS 7.4.5 and 7.4.6 to install available hotfixes. A permanent fix will also be included in version 7.4.7.

Fortinet acknowledged Simo Kohonen from Defused and Nguyen Duc Anh for responsibly disclosing this vulnerability after observing active zero-day exploitation of the issue.

A few hours ago, Defused researchers warned that attackers are exploiting the FortiClient zero-day. No public POC exists yet; however, the exploit now being observed has roughly the same structure as the original zero-day exploit. Experts recommend watching for requests from unknown IPs that carry the header X-SSL-CLIENT-VERIFY: SUCCESS.

🚨 We are now observing further exploitation of the recent FortiClient zero-day (CVE-2026-35616)

No public POC exists to date, and this exploit has roughly the same structure as the observed zero-day exploit.

To identify potential compromise, defenders should look for… pic.twitter.com/hxEVre8bnf

— Defused (@DefusedCyber) April 6, 2026
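One way to turn the detection advice above into a check over access logs, as an added example that is not part of the article or of Defused's or Fortinet's tooling: parse each request, and flag any that carries X-SSL-CLIENT-VERIFY: SUCCESS from a source address outside the address space the EMS is expected to serve. The log format and the trusted network are constructed assumptions; adapt both to the reverse proxy or web server in front of your EMS.

```python
import ipaddress
import re

# Constructed sample log (not from the article): one request per line as
# "<src_ip> <method> <path> | <Header>: <value>; <Header>: <value>"
SAMPLE_LOG = """\
10.20.5.17 GET /api/example | Host: ems.example.internal; X-SSL-CLIENT-VERIFY: SUCCESS
203.0.113.45 POST /api/example | Host: ems.example.internal; X-SSL-CLIENT-VERIFY: SUCCESS
198.51.100.9 GET /login | Host: ems.example.internal; User-Agent: Mozilla/5.0
10.20.7.3 POST /api/example | Host: ems.example.internal; x-ssl-client-verify: success
192.0.2.200 GET /api/example | Host: ems.example.internal; X-SSL-CLIENT-VERIFY: NONE
"""

# Assumption: the managed-endpoint address space the EMS is expected to serve.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16")]

LINE_RE = re.compile(r"^(?P<ip>\S+) (?P<method>\S+) (?P<path>\S+) \| (?P<headers>.*)$")


def parse_line(line):
    """Split one constructed log line into ip/method/path and a header dict
    keyed by lower-cased header name; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    headers = {}
    for part in m["headers"].split(";"):
        name, _, value = part.strip().partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"ip": m["ip"], "method": m["method"], "path": m["path"], "headers": headers}


def is_trusted(ip, trusted_nets):
    """True if ip parses and falls inside one of the trusted networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in trusted_nets)


def find_suspicious(log_text, trusted_nets=TRUSTED_NETS):
    """Return (ip, method, path) for requests claiming a verified client cert
    (X-SSL-CLIENT-VERIFY: SUCCESS, matched case-insensitively) from untrusted IPs."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        verify = rec["headers"].get("x-ssl-client-verify", "")
        if verify.upper() == "SUCCESS" and not is_trusted(rec["ip"], trusted_nets):
            hits.append((rec["ip"], rec["method"], rec["path"]))
    return hits
```

Hits from addresses that never enrolled an endpoint are the ones worth triaging; a trusted list that is too broad hides exactly the traffic this check exists to surface.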

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerability by April 9, 2026.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, US CISA Known Exploited Vulnerabilities catalog)

Source: https://securityaffairs.com/190425/security/u-s-cisa-adds-a-flaw-in-fortinet-forticlient-ems-to-its-known-exploited-vulnerabilities-catalog.html