Filtered by vendor Fortinet Subscriptions
Filtered by product Forticlient Subscriptions

Search

Switch to Advanced Search (Beta)
Total 84 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-36513 1 Fortinet 2 Forticlient, Forticlientwindows 2024-11-14 7.4 High
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
CVE-2024-36507 1 Fortinet 2 Forticlient, Forticlientwindows 2024-11-14 6.7 Medium
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.
CVE-2022-45856 1 Fortinet 2 Forticlient, Forticlientios 2024-09-26 4.6 Medium
An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to man-in-the-middle the communication between the FortiClient and  both the service provider and the identity provider.
CVE-2024-31489 1 Fortinet 4 Forticlient, Forticlientlinux, Forticlientmac and 1 more 2024-09-20 6.4 Medium
AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation