Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-42470
A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an malicious user to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
Fortinet Forticlient
7.1
CVSSv3
CVE-2022-40681
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an malicious user to cause denial of service via sending a crafted request to a specific named pipe.
Fortinet Forticlient
7.8
CVSSv3
CVE-2022-40682
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an malicious user to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
Fortinet Forticlient
7.1
CVSSv3
CVE-2022-26113
An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.10 may allow a local malicious user to perform an arbitrary file...
Fortinet Forticlient
5.5
CVSSv3
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 up to and including 7.0.5 may allow a local authenticated malicious user to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTr...
Fortinet Forticlient
5.5
CVSSv3
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows before 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge ...
Fortinet Forticlient
6.5
CVSSv3
CVE-2019-16152
A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to cause FortiClient processes running under root privilege crashes via sending specially crafted IPC client requests to the fctsched process due the nanomsg not ...
Fortinet Forticlient
7.1
CVSSv3
CVE-2019-16155
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fct...
Fortinet Forticlient
NA
CVE-2015-1453
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for malicious users to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.
Fortinet Forticlient
NA
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient prior to 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Fortinet Forticlient
3 EDB exploits
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »