Forticlient Security Vulnerabilities and Issues — Forticlient CVE List

Lucene search

FortinetForticlient

9 matches found

CVE•added 2023/04/11 5:15 p.m.•84 views

CVE-2022-43946

Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execut...

8.1CVSS8.3AI score0.00137EPSS

CVE•added 2023/11/14 6:15 p.m.•82 views

CVE-2023-41840

A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path.

7.8CVSS7.4AI score0.00066EPSS

CVE•added 2023/04/11 5:15 p.m.•79 views

CVE-2022-40682

A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.

7.8CVSS7.7AI score0.00049EPSS

CVE•added 2023/11/14 6:15 p.m.•70 views

CVE-2023-33304

A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.

5.5CVSS5.4AI score0.00004EPSS

CVE•added 2023/11/14 7:15 p.m.•66 views

CVE-2022-40681

A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe.

7.1CVSS6.7AI score0.00042EPSS

CVE•added 2023/04/11 5:15 p.m.•54 views

CVE-2023-22635

A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate ...

7.8CVSS7.7AI score0.0004EPSS

CVE•added 2023/06/13 9:15 a.m.•49 views

CVE-2022-33877

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the insta...

7CVSS5.2AI score0.00034EPSS

CVE•added 2023/10/10 5:15 p.m.•45 views

CVE-2023-37939

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all vers...

3.3CVSS3.8AI score0.00059EPSS

CVE•added 2023/04/11 5:15 p.m.•35 views

CVE-2022-42470

A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.

7.8CVSS7.7AI score0.00098EPSS