11 matches found
EUVD-2024-35258
Malicious code in bioql PyPI...
EUVD-2025-17801
Malicious code in bioql PyPI...
The vulnerability of the VPN protection component of Fortinet’s FortiClient devices, which allows unauthorized access to protected information
The vulnerability of the Fortinet FortiClient security device’s VPN component lies in the fact that confidential information is stored in unencrypted form in its memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the protected information...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
CVE-2024-35282 describes a vulnerability in FortiClient VPN for iOS where sensitive information is stored in cleartext in memory (CWE-316). The issue can allow an unauthenticated, physically proximate attacker on a jailbroken device to obtain cleartext passwords via a keychain dump. Affected vers...
Gain Windows privileges with FortiClient vpn before logon and untrusted certificate
When the "VPN before logon" feature of FortiClient Windows is enabled disabled by default, and when the server certificate is not valid, it is possible for an attacker without a user account on the targeted Windows workstation to obtain SYSTEM level privileges, via exploiting the Windows "securi...
FortiClient VPN - External URLs, KeyStore usage, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application FortiClient VPN published at the 'play' market has multiple vulnerabilities...
Potential Man-In-The Middle Vulnerability in FortiClient VPN
...