Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2015-5735
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient prior to 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.
Fortinet Forticlient
736
VMScore
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient prior to 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Fortinet Forticlient
3 EDB exploits
3 Github repositories
409
VMScore
CVE-2020-9291
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
Fortinet Forticlient
641
VMScore
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Fortinet Forticlient 3.0.614
383
VMScore
CVE-2015-1569
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof SSL VPN servers via a crafted certificate.
Fortinet Forticlient 5.2.028
409
VMScore
CVE-2021-43066
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows malicious user to escalate privilege via the MSI installer.
Fortinet Forticlient
NA
CVE-2022-33877
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 up to and including 7.0.6 and 6.4.0 up to and including 6.4.8 and FortiConverter (Windows) versions 6.2.0 up to and including 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local a...
Fortinet Forticonverter 7.0.0
Fortinet Forticonverter 6.2.0
Fortinet Forticonverter 6.2.1
Fortinet Forticonverter
Fortinet Forticlient
641
VMScore
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and previous versions does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fortinet Forticlient Host Security
NA
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
NA
CVE-2021-44172
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 up to and including 7.0.4, 7.0.6 up to and including 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated malicious user to gain i...
Fortinet Forticlient Endpoint Management Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »