CVE-2026-35616 – Fortinet Network Security Appliance
CVSS 9.8
CRITICAL
“When your security device is the target, the entire network is exposed.”
Fortinet addressed CVE-2026-35616, a critical vulnerability affecting its network security appliances. The flaw allows remote code execution through a network-facing component, potentially enabling attackers to take full control of affected systems without authentication. This puts enterprise perimeter defenses, traffic inspection, and internal network security at immediate risk.
CVE-2026-35616 has a CVSS score of 9.1, which is Critical severity. Active exploitation has been observed, confirming real-world attacks are already occurring. The patch eliminates the remote execution path and strengthens input validation to prevent unauthorized access and system compromise.
Key Details
- Affected Product
- Fortinet Forticlientems
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-284
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.