Skip to content

Critical Security Advisory: Fortinet FortiClient EMS

Executive Summary: Improper access controls in the FortiClient EMS API allow unauthenticated attackers to execute arbitrary code. Immediate patching is mandatory for all affected assets.

 

Vulnerability Profile

  • CVE ID: CVE-2026-35616
  • CVSS Score: 9.1 (Critical)
  • Impact: Remote Code Execution (RCE)

 

Remediation Table

Affected BranchRequired Patch / Action
FortiClientEMS 7.4Upgrade to 7.4.7 or higher
FortiClientEMS 7.4.5Apply Hotfix 7.4.5.2111
FortiClientEMS 7.4.6Apply Hotfix 7.4.6.2170

Asset Discovery (runZero)

Utilize the following service query to identify potentially exposed endpoints within your network:

_asset.protocol:http AND protocol:http AND favicon.ico.image.mmh3:=-800551065

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Cyber-Intelligence Advisory: Understanding Adware

Adware operates as a revenue engine for cybercriminals by hijacking your system’s interface to display a relentless stream of advertisements. While often perceived as a mere nuisance, its impact on system stability and data privacy is significant.

The Core Threat: Adware consumes substantial CPU and memory cycles. If left unchecked, it can render a device nearly unusable through constant background processes, browser redirects, and forced banners.
 

Common Infiltration Methods

  • Bundled Payloads: Silent installation alongside legitimate “freeware” or browser plugins.
  • Network-Level Injection: Man-in-the-Middle (MitM) attacks on unencrypted public Wi-Fi.
  • Browser Hijacking: Forcing changes to your default search engine and homepage to manipulate ad traffic.

 

Defensive Best Practices

  • Official Acquisition: Restrict all app downloads to verified platforms like Google Play or the App Store.
  • Vigilant Browsing: Avoid interacting with high-risk “sensationalist” ads or suspicious domains.
  • Proactive Scanning: Deploy a reputable antimalware solution to identify hidden installers that bypass standard antivirus.
  • Custom Installation: Always review “Advanced” or “Custom” setup options to opt-out of bundled software.

About NordPass
NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

NIS2 Compliance & Log Management

2025-12-22   A log correlation engine automates the process of linking fragmented event data across diverse systems, transforming raw logs into real-time, actionable insights. By normalizing data and applying correlation rules, it reduces alert fatigue, accelerates incident detection (MTTD), and enables faster root cause analysis for improved security and operational efficiency.

Continue reading