7 matches found
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
CVE-2023-45588 is a local, external-control-of-file-name-or-path vulnerability (CWE-73) in FortiClientMac. Affected: FortiClientMac versions 7.2.3 and below, and the 7.0.10 and below installer. Summary: a local attacker could write a malicious configuration file in /tmp before installation to exe...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
creationtimestamp| type| source ---|---|--- 2024-04-11 19:30:05+00:00| seen| https://t.me/truesecator/5629 2025-03-14 16:46:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lke2qgesl726 2025-03-14 17:48:57+00:00| seen|...
Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability
Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. "An Improper Control of Generation of Code 'Co...