Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-9191
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and previous versions allows malicious users to execute unauthorized code or commands via the named pipe responsible for Forticlient updates.
Fortinet Forticlient
4.4
CVSSv2
CVE-2019-6692
A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged malicious user to perform arbitrary code execution via forging that DLL.
Fortinet Forticlient
4.3
CVSSv2
CVE-2018-9195
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiCl...
Fortinet Forticlient
Fortinet Fortios
4.3
CVSSv2
CVE-2015-1569
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof SSL VPN servers via a crafted certificate.
Fortinet Forticlient 5.2.028
4.3
CVSSv2
CVE-2015-1570
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof servers via a crafted certificate.
Fortinet Forticlient 5.2.3.091
Fortinet Forticlient 5.2.028
4
CVSSv2
CVE-2021-36189
A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows malicious user to information disclosure via inspecting browser decrypted data
Fortinet Forticlient Enterprise Management Server
Fortinet Forticlient Enterprise Management Server 6.4.6
Fortinet Forticlient Enterprise Management Server 7.0.0
Fortinet Forticlient Enterprise Management Server 7.0.1
4
CVSSv2
CVE-2017-14184
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authenticat...
Fortinet Forticlient
Fortinet Forticlient Sslvpn Client
3.5
CVSSv2
CVE-2021-42754
An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated malicious user to hijack the MacOS camera without the user permission via the malicious dylib file.
Fortinet Forticlient
Fortinet Forticlient 7.0.0
3.5
CVSSv2
CVE-2020-15940
An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated malicious user to inject malicious script/tags via the name parameter of various sections of the server.
Fortinet Forticlient Enterprise Management Server
2.1
CVSSv2
CVE-2019-15704
A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local malicious user to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.
Fortinet Forticlient
Fortinet Forticlient 6.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »