cbcvebase.

Fortinet FortiClientEMS vulnerabilities

26 known vulnerabilities affecting fortinet/forticlientems.

Total CVEs: 26
CISA KEV: 3 (actively exploited)
Public exploits: 3
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 8, MEDIUM 14

Vulnerabilities

Page 1 of 2
CVE-2026-39810 | MEDIUM | CVSS 5.5 | 2026-04-14
Affected: ≥ 7.4.0, < 7.4.6; ≥ 7.4.3, ≤ 7.4.5; +1 more
CWE-321: A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow an attacker to disclose information via decrypting a database dump.
Sources: NVD, Fortinet
CVE-2026-39809 | MEDIUM | CVSS 6.7 | 2026-04-14
Affected: ≥ 7.0.0, ≤ 7.0.13; ≥ 7.2.0, < 7.2.13; +3 more
CWE-89: An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5, FortiClientEMS 7.2.0 through 7.2.12, FortiClientEMS 7.0 all versions may allow an attacker to execute unauthorized code or commands via sending crafted requests.
Sources: NVD, Fortinet
CVE-2026-35616 | CRITICAL | CVSS 9.8 | CISA KEV | PoC available | 2026-04-04
Affected: v7.4.5; v7.4.6; +1 more
CWE-284: An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Sources: NVD, Fortinet
CVE-2026-21643 | CRITICAL | CVSS 9.8 | CISA KEV | PoC available | 2026-02-06
Affected: ≥ 7.4.0, < 7.4.5; v7.4.4
CWE-89: An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Sources: NVD, Fortinet
CVE-2025-59922 | HIGH | CVSS 7.2 | 2026-01-13
Affected: ≥ 7.0.0, < 7.2.12; ≥ 7.4.0, < 7.4.5; +4 more
CWE-89: An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiClientEMS 7.4.3 through 7.4.4, FortiClientEMS 7.4.0 through 7.4.1, FortiClientEMS 7.2.0 through 7.2.10, FortiClientEMS 7.0 all versions may allow an authenticated attacker with at least read-only admin permission
Sources: NVD, Fortinet
CVE-2023-48786 | MEDIUM | CVSS 4.3 | 2025-06-10
Affected: ≥ 6.4.0, ≤ 6.4.9; ≥ 7.0.0, ≤ 7.0.13; +4 more
CWE-918: A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests.
Sources: NVD, Fortinet
CVE-2024-32119 | MEDIUM | CVSS 4.8 | 2025-06-10
Affected: ≥ 6.2.0, ≤ 6.2.9; ≥ 6.4.0, ≤ 6.4.9; +6 more
CWE-1390: An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDOM to perform operations such as uploading or tagging on behalf of the targeted user via specially crafted TCP requests.
Sources: NVD, Fortinet
CVE-2025-22859 | MEDIUM | CVSS 5.3 | 2025-05-13
Affected: ≥ 7.4.0, < 7.4.3; ≥ 7.4.0, ≤ 7.4.1
CWE-23: A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests.
Sources: NVD, Fortinet
CVE-2025-22855 | MEDIUM | CVSS 4.8 | 2025-04-08
Affected: ≥ 7.2.1, ≤ 7.2.10; ≥ 7.4.0, < 7.4.3; +1 more
CWE-79: An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages containing JavaScript code.
Sources: NVD, Fortinet
CVE-2019-16149 | MEDIUM | CVSS 6.1 | 2025-03-28
Affected: v6.2.0 (fixed in 6.2.1)
CWE-79: An Improper Neutralization of Input During Web Page Generation in FortiClientEMS version 6.2.0 may allow a remote attacker to execute unauthorized code by injecting a malicious payload into the user profile of a FortiClient instance being managed by the vulnerable system.
Sources: NVD, Fortinet
CVE-2024-23106 | CRITICAL | CVSS 9.8 | 2025-01-14
Affected: ≥ 6.2.0, ≤ 6.2.9; ≥ 6.4.0, ≤ 6.4.9; +6 more
CWE-307: An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack against the FortiClientEMS console via crafted HTTP or HTTPS requests.
Sources: NVD, Fortinet
CVE-2024-36506 | MEDIUM | CVSS 5.3 | 2025-01-14
Affected: ≥ 6.4.0, < 7.2.5; v7.4.0; +4 more
CWE-940: An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to bypass the trusted host feature via session connection.
Sources: NVD, Fortinet
CVE-2024-36510 | MEDIUM | CVSS 5.3 | 2025-01-14
Affected: ≥ 7.0.0, < 7.2.5; v7.4.0; +2 more
CWE-204: An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses.
Sources: NVD, Fortinet
CVE-2024-31489 | HIGH | CVSS 8.1 | 2024-09-10
Affected: ≥ 7.0.0, ≤ 7.0.13
CWE-295: An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between
Source: NVD
CVE-2024-33508 | HIGH | CVSS 7.3 | 2024-09-10
Affected: ≥ 7.2.0, ≤ 7.2.4; ≥ 7.0.0, ≤ 7.0.12
CWE-77: An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests.
Sources: NVD, Fortinet
CVE-2024-21753 | MEDIUM | CVSS 6.0 | 2024-09-10
Affected: ≥ 7.2.0, ≤ 7.2.2; ≥ 7.0.0, ≤ 7.0.13; +7 more
CWE-22: An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.13, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8, 1.2.1 through 1.2.5 allows an attacker to perform a denial of service, read or write a limited number of files via specially crafted
Sources: NVD, Fortinet
CVE-2023-48788 | CRITICAL | CVSS 9.8 | CISA KEV | PoC available | 2024-03-12
Affected: ≥ 7.2.0, ≤ 7.2.2; ≥ 7.0.1, ≤ 7.0.10
CWE-89: An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows an attacker to execute unauthorized code or commands via specially crafted packets.
Sources: NVD, Fortinet
CVE-2023-47534 | HIGH | CVSS 8.8 | 2024-03-12
Affected: ≥ 7.2.0, ≤ 7.2.2; ≥ 7.0.0, ≤ 7.0.10; +6 more
CWE-1236: An improper neutralization of formula elements in a CSV file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows an attacker to execute unauthorized code or commands via specially crafted packets.
Sources: NVD, Fortinet
CVE-2023-45581 | HIGH | CVSS 7.2 | 2024-02-15
Affected: ≥ 7.2.0, ≤ 7.2.2; ≥ 7.0.6, ≤ 7.0.10; +5 more
CWE-269: An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows a Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests.
Sources: NVD, Fortinet
CVE-2021-44172 | MEDIUM | CVSS 5.3 | 2023-09-13
Affected: ≥ 7.0.6, ≤ 7.0.7; ≥ 7.0.0, ≤ 7.0.4; +4 more
CWE-200: An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.
Sources: NVD, Fortinet