What is CVE-2025-35616 in Fortinet FortiClient EMS?

It's a critical 9.1 CVSS flaw added to CISA's KEV catalog, actively exploited, allowing potential RCE on EMS servers.

How do I patch Fortinet FortiClient EMS CVE-2025-35616?

Download OOB patches from Fortinet PSIRT for versions 7.0-7.4; apply via standard upgrade, test endpoints after.

Why did CISA add Fortinet vuln to KEV catalog?

Evidence of active exploitation in the wild, mandating federal patches and warning all users.

CISA Slaps Critical Fortinet Flaw into KEV: Patch Now or Pay Later

A CVSS 9.1 bomb in Fortinet's FortiClient EMS just hit CISA's Known Exploited Vulnerabilities list. Attackers are exploiting it in the wild; Fortinet rushed patches this week.

theAIcatchup Apr 08, 2026 4 min read

CISA KEV catalog entry highlighting Fortinet FortiClient EMS CVE-2025-35616 vulnerability

⚡ Key Takeaways

CISA's KEV addition confirms active exploitation of CVE-2025-35616 in FortiClient EMS (CVSS 9.1). 𝕏
Fortinet released out-of-band patches; upgrade immediately to avoid RCE risks. 𝕏
This vuln risks massive endpoint compromise, echoing past Fortinet supply-chain attacks. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

#CISA KEV #CVE-2025-35616 #Fortinet FortiClient EMS #RCE vulnerability #known exploited vulnerabilities

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by SecurityAffairs

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

14,000 F5 BIG-IP Doors Wide Open to RCE Nightmares

React2Shell Hits: Spies, Miners, and Chaos Exploit React's Gaping Flaw

Apache ActiveMQ's 13-Year RCE Nightmare: Auth Bypass via Ancient Flaw Chain

CISA's Fortinet EMS Patch Deadline: A Wake-Up Call for Exposed Management Servers

Stay in the loop