CVE-2023-45588

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

Fortinet FortiClientMAC Resource Management Error Vulnerability

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. Fortinet FortiClientMAC has a resource management error vulnerability that stems from improper allocation of critical resource permissions, which can be exploited by an attacker to cause a local...

Fortinet FortiClientMac Code Injection Vulnerability

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. A code injection vulnerability exists in Fortinet FortiClientMac, which stems from the application's failure to properly filter special elements of constructed snippets, and can be exploited by an...

CVE-2025-31365

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-57741

An Incorrect Permission Assignment for Critical Resource vulnerability CWE-732 in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking...

EUVD-2025-34244

An Incorrect Permission Assignment for Critical Resource vulnerability CWE-732 in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking...

EUVD-2025-34232

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-57741

An Incorrect Permission Assignment for Critical Resource vulnerability CWE-732 in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking...

CVE-2025-31365

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-31365

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-31365

Summary: CVE-2025-31365 is a code injection flaw in Fortinet FortiClientMac (macOS) affecting multiple versions: 7.2.1–7.2.8 and 7.4.0–7.4.3. The root cause is an improper control of generation of code, enabling an unauthenticated attacker to trigger arbitrary code execution when a user visits a ...

CVE-2025-31365

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-31365

An Improper Control of Generation of Code 'Code Injection' vulnerability CWE-94 in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website...

CVE-2025-57741

An Incorrect Permission Assignment for Critical Resource vulnerability CWE-732 in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking...

CVE-2025-57741

FortiClientMac has an Incorrect Permission Assignment for a Critical Resource vulnerability (CWE-732) affecting versions 7.0–7.2.11 and 7.4.0–7.4.3. The issue enables a local attacker to execute arbitrary code via LaunchDaemon hijacking due to improper resource permissions. Remediation per PT-202...

CVE-2025-57741

An Incorrect Permission Assignment for Critical Resource vulnerability CWE-732 in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking...

Fortinet FortiClientMAC 安全漏洞

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. Fortinet FortiClientMAC has a resource management error vulnerability that stems from improper allocation of critical resource permissions, which can be exploited by an attacker to cause a local...

Fortinet FortiClientMAC 代码注入漏洞

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. A code injection vulnerability exists in Fortinet FortiClientMac, which stems from the application's failure to properly filter special elements of constructed snippets, and can be exploited by an...

PT-2025-41950

Name of the Vulnerable Software and Affected Versions FortiClientMac versions 7.2.1 through 7.2.8 FortiClientMac versions 7.4.0 through 7.4.3 Description An issue exists in FortiClientMac that could allow an unauthenticated attacker to execute arbitrary code on a user's system. This is due to an...

PT-2025-41963

Name of the Vulnerable Software and Affected Versions FortiClientMac versions 7.0 through 7.2.11 FortiClientMac versions 7.4.0 through 7.4.3 Description An incorrect permission assignment for a critical resource may allow a local attacker to run arbitrary code or commands via LaunchDaemon...