Fortinet » Forticlient : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2023-45590

An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website
Max CVSS
9.6
EPSS Score
0.04%
Published
2024-04-09
Updated
2024-04-09

CVE-2019-17658

An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.
Max CVSS
9.8
EPSS Score
0.22%
Published
2020-03-12
Updated
2021-04-29

CVE-2019-5589

An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.
Max CVSS
9.3
EPSS Score
0.23%
Published
2019-05-28
Updated
2019-05-29

CVE-2016-8493

In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability.
Max CVSS
9.0
EPSS Score
0.09%
Published
2017-06-26
Updated
2018-01-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close