The vulnerability of Fortinet FortiClientWindows security devices arises from the improper assignment of permissions to critical resources and incorrect synchronization settings (“Race Condition”). This allows attackers to execute arbitrary commands.

The vulnerability of Fortinet FortiClientWindows protection devices is related to the improper assignment of permissions for critical resources and incorrect synchronization “Race Condition”. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-47574

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...

CVE-2024-47574

Fortinet FortiClientWindows is affected by CVE-2024-47574: an authentication bypass via spoofed named pipe messages allows a low-privilege attacker to execute arbitrary code with high privileges. Affected versions include FortiClientWindows 6.4.0–6.4.10, 7.0.0–7.0.12, 7.2.0–7.2.4, and 7.4.0. Fort...

CVE-2024-47574

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...

CVE-2024-47574

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...

CVE-2024-36507

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering...

CVE-2024-36507

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering...

CVE-2024-36507

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering...

CVE-2024-36507

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering...

CVE-2024-36507

Fortinet FortiClientWindows is affected by CVE-2024-36507 due to an untrusted search path that enables DLL hijacking. Affected versions are 7.4.0, 7.2.4–7.2.0, and 7.0.12–7.0.0. The issue allows an attacker to run arbitrary code via social engineering or local access. No exploit details are provi...

PT-2024-27039 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 7.0.0 through 7.0.12 Fortinet FortiClientWindows versions 7.2.0 through 7.2.4 Fortinet FortiClientWindows version 7.4.0 Description: The issue is related to an untrusted search path in Fortinet...

Fortinet FortiClientWindows 代码问题漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in...

Fortinet FortiClientWindows Path Traversal Vulnerability

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientWindows suffers...

Fortinet FortiClientWindows Authorization Issues Vulnerability

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientWindows has an...

Fortinet FortiClientWindows Elevation of Privilege Vulnerability

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An elevation of privilege...

CVE-2022-43946

Multiple vulnerabilities including an incorrect permission assignment for critical resource CWE-732 vulnerability and a time-of-check time-of-use TOCTOU race condition CWE-367 vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute...

CVE-2022-43946

Fortinet FortiClientWindows prior to version 7.0.7 contains a combination of a critical resource permission assignment error (CWE-732) and a TOCTOU race condition (CWE-367). These flaws can allow an attacker on the same file sharing network to remotely execute commands by writing data into a Wind...

CVE-2022-43946

Multiple vulnerabilities including an incorrect permission assignment for critical resource CWE-732 vulnerability and a time-of-check time-of-use TOCTOU race condition CWE-367 vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute...

FortiClientWindows - Arbitrary file creation by unprivileged users

A relative path traversal CWE-23 vulnerability in FortiClientWindows may allow a local low privileged attacker to perform arbitrary file creation on the device filesystem...

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientWindows has an...