Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
9.8
CVSSv3
CVE-2021-24019
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an malicious user to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via o...
Fortinet Forticlient Endpoint Management Server
9.8
CVSSv3
CVE-2019-17658
An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an malicious user to gain elevated privileges via the FortiClientConsole executable service path.
Fortinet Forticlient
1 Github repository
9.1
CVSSv3
CVE-2021-41030
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated malicious user to impersonate an existing user by intercepting and re-using valid SAML authentication messages.
Fortinet Forticlient Enterprise Management Server
Fortinet Forticlient Enterprise Management Server 7.0.0
Fortinet Forticlient Enterprise Management Server 7.0.1
8.8
CVSSv3
CVE-2023-47534
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.10, 6.4.0 up to and including 6.4.9, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.8 allows malicious use...
Fortinet Forticlient Endpoint Management Server
2 Articles
8.8
CVSSv3
CVE-2021-44169
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows malicious user to gain administrative privileges via placing a malicious executable inside the FortiClient instal...
Fortinet Forticlient
8.8
CVSSv3
CVE-2017-14184
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authenticat...
Fortinet Forticlient
Fortinet Forticlient Sslvpn Client
8.8
CVSSv3
CVE-2016-8493
In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability.
Fortinet Forticlient 5.4.2
Fortinet Forticlient 5.4.1
8.6
CVSSv3
CVE-2022-26122
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an malicious user to bypass the AV engine via manipulating MIME attachment with junk and pa...
Fortinet Fortimail 4.1.0
Fortinet Fortimail
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Antivirus Engine 6.33
Fortinet Antivirus Engine 6.253
Fortinet Antivirus Engine 6.252
Fortinet Antivirus Engine 6.243
Fortinet Antivirus Engine 6.157
Fortinet Antivirus Engine 6.156
Fortinet Antivirus Engine 6.145
Fortinet Antivirus Engine 6.144
Fortinet Antivirus Engine 6.142
Fortinet Antivirus Engine 6.137
Fortinet Antivirus Engine 4.4.54
Fortinet Antivirus Engine 2.0.60
Fortinet Antivirus Engine 2.0.49
Fortinet Antivirus Engine 0.4.23
8.1
CVSSv3
CVE-2022-43946
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows prior to 7.0.7 allows attackers on the same file shar...
Fortinet Forticlient
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »