Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2015-5737
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient prior to 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to ...
Fortinet Forticlient
5
CVSSv2
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows before 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge ...
Fortinet Forticlient
6.8
CVSSv2
CVE-2019-16152
A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to cause FortiClient processes running under root privilege crashes via sending specially crafted IPC client requests to the fctsched process due the nanomsg not ...
Fortinet Forticlient
5
CVSSv2
CVE-2021-44167
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated malicious user to access sensitive information in log files and direct...
Fortinet Forticlient
NA
CVE-2021-41031
A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged malicious user to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service.
Fortinet Forticlient
NA
CVE-2023-22635
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 up to and including 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allo...
Fortinet Forticlient
7.9
CVSSv2
CVE-2021-22127
An improper input validation vulnerability in FortiClient for Linux 6.4.x prior to 6.4.3, FortiClient for Linux 6.2.x prior to 6.2.9 may allow an unauthenticated malicious user to execute arbitrary code on the host operating system as root via tricking the user into connecting to...
Fortinet Forticlient
4.6
CVSSv2
CVE-2020-9291
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
Fortinet Forticlient
7.2
CVSSv2
CVE-2019-17650
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.
Fortinet Forticlient
7.5
CVSSv2
CVE-2019-17658
An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an malicious user to gain elevated privileges via the FortiClientConsole executable service path.
Fortinet Forticlient
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »