CVE-2024-35281

🗓️ 13 May 2025 14:46:42Reported by fortinetType

Improper isolation vulnerability in FortiClientMac and FortiVoiceUCDesktop allows code injection.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-35281	13 May 202515:31	–	circl
CNNVD	Fortinet FortiClientMAC和Fortinet FortiVoiceUCDesktop 安全漏洞	13 May 202500:00	–	cnnvd
CVE	CVE-2024-35281	13 May 202514:46	–	cve
EUVD	EUVD-2024-54503	3 Oct 202520:07	–	euvd
Tenable Nessus	Fortinet FortiClient Code Execution due to Node.JS Environment Variable (FG-IR-24-025) (macOS)	13 May 202500:00	–	nessus
NVD	CVE-2024-35281	13 May 202515:15	–	nvd
Positive Technologies	PT-2025-20901	13 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-35281	15 May 202515:17	–	redhatcve
Vulnrichment	CVE-2024-35281	13 May 202514:46	–	vulnrichment

[
  {
    "vendor": "Fortinet",
    "product": "FortiClientMac",
    "cpes": [],
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "7.4.0",
        "lessThanOrEqual": "7.4.2",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.8",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.0.0",
        "lessThanOrEqual": "7.0.14",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fortinet",
    "product": "FortiVoiceUCDesktop",
    "cpes": [],
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "3.0.0",
        "lessThanOrEqual": "3.0.16",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.fortinet.com/psirt/FG-IR-24-025

13 May 2025 14:46Current

CVSS 3.12.5

EPSS0.00057

CWE-653