Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-44167
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated malicious user to access sensitive information in log files and direct...
Fortinet Forticlient
8.8
CVSSv3
CVE-2021-44169
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows malicious user to gain administrative privileges via placing a malicious executable inside the FortiClient instal...
Fortinet Forticlient
7.1
CVSSv3
CVE-2022-26113
An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.10 may allow a local malicious user to perform an arbitrary file...
Fortinet Forticlient
NA
CVE-2015-1569
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof SSL VPN servers via a crafted certificate.
Fortinet Forticlient 5.2.028
NA
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Fortinet Forticlient 3.0.614
7.8
CVSSv3
CVE-2021-43066
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows malicious user to escalate privilege via the MSI installer.
Fortinet Forticlient
5.5
CVSSv3
CVE-2022-33877
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 up to and including 7.0.6 and 6.4.0 up to and including 6.4.8 and FortiConverter (Windows) versions 6.2.0 up to and including 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local a...
Fortinet Forticonverter 7.0.0
Fortinet Forticonverter 6.2.0
Fortinet Forticonverter 6.2.1
Fortinet Forticonverter
Fortinet Forticlient
NA
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and previous versions does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fortinet Forticlient Host Security
5.4
CVSSv3
CVE-2020-15940
An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated malicious user to inject malicious script/tags via the name parameter of various sections of the server.
Fortinet Forticlient Enterprise Management Server
5.4
CVSSv3
CVE-2020-15941
A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated malicious user to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.
Fortinet Forticlient Endpoint Management Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »