99 matches found
CVE-2026-44278
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...
CVE-2026-44278
CVE-2026-44278 concerns a use of hard-coded cryptographic key in Fortinet FortiClientWindows. Affected software: FortiClientWindows 7.4.0 through 7.4.2, and FortiClientWindows 7.2 all versions. The vulnerability may allow information disclosure. No exploitation details or specific vectors are pro...
CVE-2026-44278
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...
Fortinet FortiClientWindows 安全漏洞
Fortinet FortiClientWindows is a Windows-based mobile device security solution provided by the American company Fortinet. When connected to the FortiGate firewall device, this solution offers features such as IPsec and SSL encryption, wide-area network optimization, terminal compliance, and...
CVE-2025-62676
An Improper Link Resolution Before File Access 'Link Following' vulnerability CWE-59 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.4, FortiClientWindows 7.2.0 through 7.2.12, FortiClientWindows 7.0 all versions may allow a local low-privilege attacker to perform an arbitrary file...
CVE-2025-62676
An Improper Link Resolution Before File Access 'Link Following' vulnerability CWE-59 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.4, FortiClientWindows 7.2.0 through 7.2.12, FortiClientWindows 7.0 all versions may allow a local low-privilege attacker to perform an arbitrary file...
CVE-2025-62676
Fortinet FortiClientWindows is affected by CVE-2025-62676 due to an Improper Link Resolution Before File Access (Link Following, CWE-59). A local low-privilege attacker can write arbitrary files with elevated permissions by sending crafted messages to a named pipe. Affected product ranges include...
CVE-2025-62676
An Improper Link Resolution Before File Access 'Link Following' vulnerability CWE-59 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.4, FortiClientWindows 7.2.0 through 7.2.12, FortiClientWindows 7.0 all versions may allow a local low-privilege attacker to perform an arbitrary file...
Fortinet FortiClientWindows 后置链接漏洞
Fortinet FortiClientWindows is a Windows-based mobile device security solution provided by the American company Fortinet. When connected to the FortiGate firewall device, this solution offers features such as IPsec and SSL encryption, wide-area network optimization, terminal compliance, and...
Fortinet FortiClientWindows Access Control Error Vulnerability
Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An Access Control Error vulnerabili...
CVE-2025-47761
An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...
CVE-2025-54660
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...
CVE-2025-54660
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...
CVE-2025-47761
An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...
CVE-2025-47761
An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...
CVE-2025-54660
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...
CVE-2025-54660
Fortinet FortiClientWindows is affected by an active debug code vulnerability in versions 7.0.0–7.4.3 and 7.2.0–7.2.10 that may allow a local attacker to execute the application step by step and retrieve the saved VPN user password. The linked Red Hat/NVD/CVE entries confirm the same impact. Ther...
CVE-2025-46373
CVE-2025-46373 describes a heap-based buffer overflow (CWE-122) in Fortinet FortiClientWindows, affecting versions 7.4.0–7.4.3 and 7.2.0–7.2.8. The vulnerability stems from the module/function/file named fortips_74.sys , allowing an authenticated local IPSec user to execute arbitrary code due to ...
EUVD-2025-198018
A Heap-based Buffer Overflow vulnerability CWE-122 in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips74.sys". The attacker would need to bypass the Windows heap...
CVE-2025-46373
A Heap-based Buffer Overflow vulnerability CWE-122 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips74.sys". The attacker would need to bypass the...