Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2019-17650
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.
Fortinet Forticlient
7.2
CVSSv2
CVE-2015-7362
Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program.
Fortinet Forticlient
7.2
CVSSv2
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient prior to 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Fortinet Forticlient
3 EDB exploits
3 Github repositories
7.2
CVSSv2
CVE-2015-5735
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient prior to 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.
Fortinet Forticlient
7.2
CVSSv2
CVE-2015-5737
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient prior to 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to ...
Fortinet Forticlient
7.2
CVSSv2
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Fortinet Forticlient 3.0.614
7.2
CVSSv2
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and previous versions does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fortinet Forticlient Host Security
6.9
CVSSv2
CVE-2021-32592
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an malicious user to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the sear...
Fortinet Forticlient
Fortinet Forticlient 7.0.0
Fortinet Forticlient Enterprise Management Server
Fortinet Forticlient Enterprise Management Server 7.0.0
6.9
CVSSv2
CVE-2020-9287
An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL...
Fortinet Forticlient Emergency Management Server
6.9
CVSSv2
CVE-2020-9290
An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system...
Fortinet Forticlient
Fortinet Forticlient Virtual Private Network
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »