Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-17650
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.
Fortinet Forticlient
6.5
CVSSv3
CVE-2019-17652
A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type IPC client requests to the fcts...
Fortinet Forticlient
9.8
CVSSv3
CVE-2019-17658
An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an malicious user to gain elevated privileges via the FortiClientConsole executable service path.
Fortinet Forticlient
1 Github repository
7.8
CVSSv3
CVE-2022-40682
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an malicious user to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
Fortinet Forticlient
7.8
CVSSv3
CVE-2018-13368
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and previous versions allows malicious user to execute unauthorized code or commands via the command injection.
Fortinet Forticlient
7.8
CVSSv3
CVE-2020-9291
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
Fortinet Forticlient
7.8
CVSSv3
CVE-2021-36183
An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged malicious user to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.
Fortinet Forticlient
7.1
CVSSv3
CVE-2019-16155
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fct...
Fortinet Forticlient
7.1
CVSSv3
CVE-2022-40681
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an malicious user to cause denial of service via sending a crafted request to a specific named pipe.
Fortinet Forticlient
5.5
CVSSv3
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows before 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge ...
Fortinet Forticlient
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »