Fortinet FortiClientEMS Remote Code Execution Vulnerability

Last Update Date: 14 Apr 2026
Release Date: 10 Feb 2026

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

A vulnerability has been identified in Fortinet FortiClientEMS. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

CVE-2026-21643 is being exploited in the wild. An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

 

[Updated on 2026-04-14]

Updated Risk Level, Description and Related Links.


Impact

  • Remote Code Execution

System / Technologies affected

  • FortiClientEMS 7.4.4

Solutions

Before installation of the software, please visit the vendor website for more details.

  • Apply fixes issued by the vendor:
    FortiClientEMS 7.4.5 or later version

Vulnerability Identifier

  • CVE-2026-21643
