PT-2025-20902 · Fortinet · FortiClientEMS +1

Published: 2025-05-13 · Updated: 2025-05-13 · CVE-2025-22859

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: FortiClientEMS versions 7.4.0 through 7.4.1; FortiClientEMS Cloud versions 7.4.0 through 7.4.1
Description: A Relative Path Traversal issue may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests.
Recommendations: For FortiClientEMS and FortiClientEMS Cloud versions 7.4.0 through 7.4.1, consider restricting access to upload requests until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Relative Path Traversal

Related Identifiers

BDU:2025-11358
CVE-2025-22859

Affected Products

FortiClientEMS
FortiClientEMS Cloud