Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-9193
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and previous versions allows malicious user to execute unauthorized code or commands via the parsing of the file.
Fortinet Forticlient
2.1
CVSSv2
CVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient prior to 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
Fortinet Forticlient
1 EDB exploit
6.8
CVSSv2
CVE-2019-17652
A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type IPC client requests to the fcts...
Fortinet Forticlient
7.2
CVSSv2
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Fortinet Forticlient 3.0.614
4.3
CVSSv2
CVE-2015-1569
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof SSL VPN servers via a crafted certificate.
Fortinet Forticlient 5.2.028
4.6
CVSSv2
CVE-2021-43066
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows malicious user to escalate privilege via the MSI installer.
Fortinet Forticlient
NA
CVE-2022-33877
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 up to and including 7.0.6 and 6.4.0 up to and including 6.4.8 and FortiConverter (Windows) versions 6.2.0 up to and including 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local a...
Fortinet Forticonverter 7.0.0
Fortinet Forticonverter 6.2.0
Fortinet Forticonverter 6.2.1
Fortinet Forticonverter
Fortinet Forticlient
7.2
CVSSv2
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and previous versions does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fortinet Forticlient Host Security
6.9
CVSSv2
CVE-2020-9287
An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL...
Fortinet Forticlient Emergency Management Server
NA
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »