Fortinet Releases Hotfixes for Critical Code Execution Vulnerability in FortiClient EMS

Fortinet has released hotfixes to address a critical code execution vulnerability in FortiClient Enterprise Management Server (EMS) that is actively being exploited. The flaw, identified as a "codesmuggling" (code injection) issue, allows attackers to execute arbitrary code. Administrators are urgently advised to apply the patches to mitigate ongoing attacks. No specific CVE ID, affected version numbers, or exact exploitation details were provided in the notice. The vulnerability poses a severe risk to unpatched systems, enabling potential unauthorized control. The source of the attacks or targeted sectors was not disclosed.