Lucene search
K

855 matches found

BDU FSTEC
BDU FSTEC
added 2021/03/11 12:0 a.m.2 views

The vulnerability of the Fortinet FortiClient for Windows security tool lies in the insecure use of temporary files, which allows a malicious actor to escalate their privileges.

The vulnerability of the Fortinet FortiClient for Windows security tool is related to the unsafe use of temporary files. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.2AI score0.00506EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.7 views

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.

The vulnerability of the installation file FortiClientEMSOnlineInstaller.exe of the Fortinet FortiClient Enterprise Management Server EMS server is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...

7.8CVSS7.7AI score0.00599EPSS
Exploits0References2Affected Software1
Fortinet
Fortinet
added 2020/12/01 12:0 a.m.34 views

AV Engine evasion via malformed RAR file

FortiClient and FortiOS AV engines may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious files...

2.5AI score0.00303EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/12/01 12:0 a.m.4 views

PT-2020-6791 · Fortinet · Fortios +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS affected versions not specified Fortinet FortiClient for Mac affected versions not specified Description: The issue is related to a flaw in the Fortinet antivirus scanner, affecting FortiOS and FortiClient for Mac, which occu...

7.5CVSS7AI score0.00303EPSS
Exploits0References7
CNNVD
CNNVD
added 2020/12/01 12:0 a.m.4 views

Fortinet FortiOS and Fortinet FortiClient Security Feature Issue Vulnerability

Fortinet FortiOS and Fortinet FortiClient are both products of the U.S. company Fita Fortinet.Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References4
CNVD
CNVD
added 2020/10/29 12:0 a.m.2 views

Fortinet FortiClient Elevation of Privilege Vulnerability (CNVD-2020-61068)

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. FortiClient Linux has a security vulnerability that can ...

8.8CVSS7.4AI score0.00227EPSS
Exploits0References1
NCSC
NCSC
added 2020/10/28 12:0 a.m.6 views

Vulnerability fixed in FortiClient

A vulnerability has been fixed in FortiClient for Linux. The vulnerability enables a local malicious person who has the ability has the ability to run scripts or programs on the system is able to able to obtain elevated privileges. FortiNet has released updates to fix the vulnerability. More...

8.8CVSS6.3AI score0.00227EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/10/19 12:0 a.m.3 views

PT-2020-7002 · Fortinet · Forticlient For Linux

Name of the Vulnerable Software and Affected Versions: FortiClient for Linux versions 6.2.7 and below, version 6.4.0 Description: The issue is related to insecure privilege management in the VCM engine of FortiClient for Linux. Exploitation of this issue may allow a remote attacker to elevate the...

8.8CVSS7.2AI score0.00227EPSS
Exploits0References9
Fortinet
Fortinet
added 2020/10/19 12:0 a.m.26 views

Privilege escalation vulnerability in FortiClient for Linux

...

6.5AI score0.00227EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2020/10/05 2:4 p.m.122 views

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk research...

8.2CVSS7.6AI score0.01069EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/10/02 12:0 a.m.64 views

Fortinet FortiOS < 5.6.13 / 6.0 < 6.0.11 Buffer Overflow (FG-IR-20-083)

The remote host is running a version of FortiOS prior to 5.6.13, or 6.x prior to 6.0.11. It is, therefore, affected by an buffer overflow in the FortiClient NAC daemon that could allow a authenticated remote attacker to crash the FortiClient NAC daemon and theoritcally execute remote code, althou...

8.8CVSS5.8AI score0.00862EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/24 12:0 a.m.4 views

PT-2020-6796 · Fortinet · Forticlient +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0.10 and below FortiOS versions 5.6.12 and below Description: The issue is related to a stack-based buffer overflow in the FortiClient NAC daemon fcnacd that can be exploited by a remote attacker authenticated to the SSL VP...

9CVSS8.5AI score0.00862EPSS
Exploits0References10
OSV
OSV
added 2020/06/04 1:15 p.m.5 views

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

5.5CVSS6.1AI score0.01012EPSS
Exploits0References1
NVD
NVD
added 2020/06/04 1:15 p.m.17 views

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

5.5CVSS5.5AI score0.01012EPSS
Exploits0References1
Prion
Prion
added 2020/06/04 1:15 p.m.16 views

Hardcoded credentials

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

5CVSS5.5AI score0.01012EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/06/04 12:27 p.m.12 views

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

6.7AI score0.01012EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/04 12:27 p.m.17 views

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

5.5AI score0.01012EPSS
Exploits0References1
CVE
CVE
added 2020/06/04 12:27 p.m.61 views

CVE-2019-16150

Fortinet FortiClient for Windows is affected when running versions prior to 6.4.0. The issue arises from the use of a hard-coded cryptographic key to encrypt data in local storage and configuration, which could allow an attacker with access to the local storage or configuration backups to decrypt...

5.5CVSS5.4AI score0.01012EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/06/04 12:0 a.m.3 views

Fortinet FortiClient Trust Management Issue Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

5.5CVSS6.9AI score0.01012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/06/04 12:0 a.m.50 views

Fortinet FortiClient < 6.4.0 Use of Hard-coded Cryptographic Key (FG-IR-19-194)

The version of Fortinet FortiClient running on the remote host is prior to 6.4.0. It is, therefore, affected by a an information disclosure vulnerability due to the use of a hard-coded cryptographic key to encrypt security sensitive data in configuration. An attacker with access to the...

5.5CVSS6.1AI score0.01012EPSS
Exploits0References2
Rows per page
Query Builder