855 matches found
Fortinet Fortigate Evasion by manipulating MIME attachment (FG-IR-22-074)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-074 advisory. - An insufficient verification of data authenticity vulnerability CWE-345 in FortiClient, FortiMail and FortiOS AV engines...
PT-2024-10306 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 6.4.0 through 6.4.10 Fortinet FortiClientWindows versions 7.0.0 through 7.0.12 Fortinet FortiClientWindows versions 7.2.0 through 7.2.4 Fortinet FortiClientWindows version 7.4.0 Description: The issue is...
Fortinet FortiClient EMS < 7.2.5 (FG-IR-23-362)
The version of Fortinet FortiClient EMS installed on the remote host is prior to 7.2.5. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-362 advisory. - A improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiClientEMS versions...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-31489
AAn improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...
CVE-2024-31489
AAn improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...
CVE-2022-45856
An improper certificate validation vulnerability CWE-295 in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all...
CVE-2022-45856
An improper certificate validation vulnerability CWE-295 in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all...
CVE-2024-31489
AAn improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...
CVE-2024-31489
AAn improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...
CVE-2022-45856
An improper certificate validation vulnerability CWE-295 in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all...
CVE-2024-31489
CVE-2024-31489 is a concrete issue: FortiClient components (Windows 7.0.0–7.0.11 and 7.2.0–7.2.2; Linux 7.0.0–7.0.11; Mac 7.0.0–7.0.11 and 7.2.0–7.2.4) suffer an improper certificate validation (CWE-295) that allows remote, unauthenticated MITM during ZTNA tunnel establishment with FortiGate. Aff...
CVE-2022-45856
CVE-2022-45856 affects FortiClient across multiple platforms with an improper certificate validation (CWE-295) in the SAML SSO feature, potentially allowing an unauthenticated attacker to perform a man-in-the-middle between FortiClient and both the service provider and identity provider. Affected...
CVE-2022-45856
An improper certificate validation vulnerability CWE-295 in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
CVE-2024-35282
CVE-2024-35282 describes a vulnerability in FortiClient VPN for iOS where sensitive information is stored in cleartext in memory (CWE-316). The issue can allow an unauthenticated, physically proximate attacker on a jailbroken device to obtain cleartext passwords via a keychain dump. Affected vers...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...
Fortinet FortiClient 信任管理问题漏洞
Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClient is vulnerable to a trust...
Fortinet FortiClient 安全漏洞
Fortinet FortiClient is a fabric agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. A security vulnerability exists in Fortinet FortiClient that originates from the plaintext storage of sensitive information in memory...