Fortinet

FortiClient

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-35281

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 13.05.2025 14:46:42
  • Zuletzt bearbeitet 19.11.2025 13:35:35

An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacke...

7.8

CVE-2023-45588

  • EPSS 0.03%
  • Veröffentlicht 14.03.2025 15:46:35
  • Zuletzt bearbeitet 15.07.2025 17:03:46

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file...

8.4

CVE-2024-52968

  • EPSS 0.04%
  • Veröffentlicht 11.02.2025 17:15:23
  • Zuletzt bearbeitet 16.07.2025 15:15:25

An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password.

6.7

CVE-2024-40586

  • EPSS 0.02%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 16.07.2025 15:11:18

An Improper Access Control vulnerability [CWE-284] in FortiClient Windows version 7.4.0, version 7.2.6 and below, version 7.0.13 and below may allow a local user to escalate his privileges via FortiSSLVPNd service pipe.

3.3

CVE-2024-50564

  • EPSS 0.03%
  • Veröffentlicht 14.01.2025 14:15:33
  • Zuletzt bearbeitet 11.06.2025 14:55:09

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.

7.8

CVE-2020-15934

  • EPSS 0.03%
  • Veröffentlicht 19.12.2024 11:15:06
  • Zuletzt bearbeitet 21.01.2025 20:38:47

An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the targ...

5

CVE-2024-50570

  • EPSS 0.01%
  • Veröffentlicht 18.12.2024 13:15:06
  • Zuletzt bearbeitet 24.07.2025 19:02:14

A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a...

7.8

CVE-2024-47574

  • EPSS 0.04%
  • Veröffentlicht 13.11.2024 12:15:16
  • Zuletzt bearbeitet 21.01.2025 22:21:03

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code wit...

6.7

CVE-2024-40592

  • EPSS 0.02%
  • Veröffentlicht 12.11.2024 19:15:11
  • Zuletzt bearbeitet 14.11.2024 20:37:06

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer...

8.8

CVE-2024-36513

  • EPSS 0.02%
  • Veröffentlicht 12.11.2024 19:15:10
  • Zuletzt bearbeitet 14.11.2024 20:35:26

A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.