855 matches found
CVE-2021-44169
An improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows an attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
The vulnerability of Fortinet FortiClient Windows security devices, related to the use of an insecure search path, allows attackers to execute arbitrary code.
The vulnerability of Fortinet FortiClient Windows protection devices is related to the use of an insecure lookup path. Exploiting this vulnerability allows attackers to execute arbitrary code...
CVE-2022-40681
An incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe...
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server programs allows a perpetrator to execute a brute-force attack.
The vulnerability of the server console for managing Fortinet FortiClient Enterprise Management Server EMS is related to the lack of authentication attempt limits. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...
The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to increase their privileges and execute arbitrary code.
The vulnerability of the Command Line Interface CLI of the Fortinet FortiClient security device relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code by sendi...
CVE-2024-50564
A use of a hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named pipes...
CVE-2024-50564
CVE-2024-50564 affects Fortinet FortiClientWindows across versions 6.4.x–7.4.0. The issue is a hard-coded cryptographic key used for interprocess communication via a monitored named pipe, which may enable a low-privileged user to decrypt IPC data. The vulnerability is documented as a local issue ...
Fortinet FortiClient CVE-2023-4863 - Heap overflow in Chrome/libwebp (FG-IR-23-381) (macOS)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-381 advisory. - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to...
Fortinet FortiClient CVE-2023-4863 - Heap overflow in Chrome/libwebp (FG-IR-23-381)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-381 advisory. - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to...
Fortinet FortiClient Hardcoded Encryption Key Used for Named Pipe Communication (FG-IR-24-216)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-216 advisory. - Threat actors can gain access to a plain text encryption key that is saved as part of the FortiClient services executable...
PT-2025-15434 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClient versions prior to 7.4.1 Description: The issue is related to an improper neutralization of input during web page generation, also known as Cross-site Scripting. This may allow the EMS administrator to send messages...
Fortinet FortiClient 7.0.x < 7.0.14 / 7.2.x < 7.2.7 / 7.4.x < 7.4.2 Information Disclosure (FG-IR-23-278)
The version of Fortinet FortiClient running on the remote host is prior to 7.0.14, 7.2.7, or 7.4.2. It is, therefore, affected by an information disclosure vulnerability due to the use of a hard-coded cryptographic key to encrypt security sensitive data in configuration. An attacker with access...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) and the FortiClient EMS Cloud cloud storage service lies in the lack of data cleaning measures at the management level. This allows attackers to execute arbitrary code.
The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS and the FortiClient EMS Cloud cloud storage service is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server lies in the incorrect path limitation for the restricted access directory. This allows a malicious actor to perform denial-of-service attacks and to read from or write to a limited number of files.
The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS server relates to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to perform maintenance actions, read from or write to a limited number of...
The vulnerability of the SAML SSO function of Fortinet’s FortiClient products for Windows, Mac, and iOS lies in authentication process errors, which allow attackers to perform a MitM attack.
The vulnerability of the SAML SSO function in Fortinet’s FortiClient products for Windows, Mac, and iOS is related to errors in the certificate authentication process. Exploiting this vulnerability can allow an attacker to perform a “man-in-the-middle” attack...
The vulnerability of the VPN protection component of Fortinet’s FortiClient devices, which allows unauthorized access to protected information
The vulnerability of the Fortinet FortiClient security device’s VPN component lies in the fact that confidential information is stored in unencrypted form in its memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the protected information...
The vulnerability of the Fortinet FortiClient security device, related to errors in the certificate validation process, allows a perpetrator to execute a type of “man-in-the-middle” attack.
The vulnerability of the Fortinet FortiClient security device is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” attack...