Fortinet

FortiClient

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-54660

  • EPSS 0.02%
  • Veröffentlicht 18.11.2025 17:01:18
  • Zuletzt bearbeitet 20.11.2025 14:35:11

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved ...

7.8

CVE-2025-46373

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 18.11.2025 17:01:15
  • Zuletzt bearbeitet 16.12.2025 11:15:52

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "forti...

7.8

CVE-2025-47761

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 18.11.2025 17:01:11
  • Zuletzt bearbeitet 16.12.2025 11:15:52

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via ...

7.8

CVE-2025-46774

  • EPSS 0.01%
  • Veröffentlicht 14.10.2025 15:23:47
  • Zuletzt bearbeitet 22.10.2025 16:47:22

An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate their privileges via FortiClient related ...

7.1

CVE-2025-31365

  • EPSS 0.04%
  • Veröffentlicht 14.10.2025 15:23:43
  • Zuletzt bearbeitet 15.10.2025 17:30:38

An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user ...

7.3

CVE-2025-57716

  • EPSS 0.02%
  • Veröffentlicht 14.10.2025 15:23:10
  • Zuletzt bearbeitet 15.10.2025 17:21:15

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the ...

7.8

CVE-2025-57741

  • EPSS 0.02%
  • Veröffentlicht 14.10.2025 15:22:49
  • Zuletzt bearbeitet 15.10.2025 17:23:46

An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking.

6.5

CVE-2024-54019

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 10.06.2025 16:36:06
  • Zuletzt bearbeitet 25.07.2025 15:26:02

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of re...

3.7

CVE-2025-24473

  • EPSS 0.04%
  • Veröffentlicht 28.05.2025 07:55:57
  • Zuletzt bearbeitet 08.01.2026 22:16:02

A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortinet FortiClientWindows 7.2.0 through 7.2.1, FortiClientWindows 7.0.13 through 7.0.14 may allow an unauthorized remote attacker to view application info...

7.8

CVE-2025-25251

  • EPSS 0.02%
  • Veröffentlicht 28.05.2025 07:53:42
  • Zuletzt bearbeitet 04.06.2025 15:37:46

An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages.