855 matches found
The vulnerability of the Fortinet FortiClient for Windows security tool lies in the insecure use of temporary files, which allows a malicious actor to escalate their privileges.
The vulnerability of the Fortinet FortiClient for Windows security tool is related to the unsafe use of temporary files. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.
The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server EMS server is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...
AV Engine evasion via malformed RAR file
FortiClient and FortiOS AV engines may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious files...
PT-2020-6791 · Fortinet · Fortios +1
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS affected versions not specified Fortinet FortiClient for Mac affected versions not specified Description: The issue is related to a flaw in the Fortinet antivirus scanner, affecting FortiOS and FortiClient for Mac, which occu...
Fortinet FortiOS and Fortinet FortiClient Security Feature Issue Vulnerability
Fortinet FortiOS and Fortinet FortiClient are both products of the U.S. company Fita Fortinet.Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and...
Fortinet FortiClient Elevation of Privilege Vulnerability (CNVD-2020-61068)
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. FortiClient Linux has a security vulnerability that can ...
Vulnerability fixed in FortiClient
A vulnerability has been fixed in FortiClient for Linux. The vulnerability enables a local malicious person who has the ability has the ability to run scripts or programs on the system is able to able to obtain elevated privileges. FortiNet has released updates to fix the vulnerability. More...
PT-2020-7002 · Fortinet · Forticlient For Linux
Name of the Vulnerable Software and Affected Versions: FortiClient for Linux versions 6.2.7 and below, version 6.4.0 Description: The issue is related to insecure privilege management in the VCM engine of FortiClient for Linux. Exploitation of this issue may allow a remote attacker to elevate the...
Privilege escalation vulnerability in FortiClient for Linux
...
New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk research...
Fortinet FortiOS < 5.6.13 / 6.0 < 6.0.11 Buffer Overflow (FG-IR-20-083)
The remote host is running a version of FortiOS prior to 5.6.13, or 6.x prior to 6.0.11. It is, therefore, affected by an buffer overflow in the FortiClient NAC daemon that could allow a authenticated remote attacker to crash the FortiClient NAC daemon and theoritcally execute remote code, althou...
PT-2020-6796 · Fortinet · Forticlient +1
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0.10 and below FortiOS versions 5.6.12 and below Description: The issue is related to a stack-based buffer overflow in the FortiClient NAC daemon fcnacd that can be exploited by a remote attacker authenticated to the SSL VP...
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...
Hardcoded credentials
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...
CVE-2019-16150
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...
CVE-2019-16150
Fortinet FortiClient for Windows is affected when running versions prior to 6.4.0. The issue arises from the use of a hard-coded cryptographic key to encrypt data in local storage and configuration, which could allow an attacker with access to the local storage or configuration backups to decrypt...
Fortinet FortiClient Trust Management Issue Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...
Fortinet FortiClient < 6.4.0 Use of Hard-coded Cryptographic Key (FG-IR-19-194)
The version of Fortinet FortiClient running on the remote host is prior to 6.4.0. It is, therefore, affected by a an information disclosure vulnerability due to the use of a hard-coded cryptographic key to encrypt security sensitive data in configuration. An attacker with access to the...