Fortinet Forticlient For Mac Os vulnerabilities

CVE-2019-17650 [HIGH] CWE-78 CVE-2019-17650: An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.

CVE-2018-9195 [MEDIUM] CWE-798 CVE-2018-9195: Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a M Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messag

CVE-2019-15704 [MEDIUM] CWE-311 CVE-2019-15704: A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.