Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2019-5589
An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version prior to 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading...
Fortinet Forticlient
641
VMScore
CVE-2019-17650
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.
Fortinet Forticlient
641
VMScore
CVE-2021-26089
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.
Fortinet Forticlient
445
VMScore
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows before 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge ...
Fortinet Forticlient
445
VMScore
CVE-2021-44167
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated malicious user to access sensitive information in log files and direct...
Fortinet Forticlient
NA
CVE-2022-26113
An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.10 may allow a local malicious user to perform an arbitrary file...
Fortinet Forticlient
703
VMScore
CVE-2021-22127
An improper input validation vulnerability in FortiClient for Linux 6.4.x prior to 6.4.3, FortiClient for Linux 6.2.x prior to 6.2.9 may allow an unauthenticated malicious user to execute arbitrary code on the host operating system as root via tricking the user into connecting to...
Fortinet Forticlient
641
VMScore
CVE-2015-5737
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient prior to 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to ...
Fortinet Forticlient
445
VMScore
CVE-2015-1453
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for malicious users to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.
Fortinet Forticlient
409
VMScore
CVE-2021-44169
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows malicious user to gain administrative privileges via placing a malicious executable inside the FortiClient instal...
Fortinet Forticlient
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »