Fortinet Forticlientwindows vulnerabilities

25 known vulnerabilities affecting fortinet/forticlientwindows.

Total CVEs: 25
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 15, MEDIUM 7, LOW 3

Vulnerabilities

Page 2 of 2
CVE-2022-33877 | MEDIUM | CVSS 5.5 | ≥ 7.0.0, ≤ 7.0.6; ≥ 6.4.0, ≤ 6.4.8 | 2023-06-13
CVE-2022-33877 [HIGH] CWE-276: An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is in
Sources: cvelistv5, nvd

CVE-2022-42470 | HIGH | CVSS 7.8 | ≥ 7.0.0, ≤ 7.0.7; ≥ 6.4.0, ≤ 6.4.10; +2 more | 2023-04-11
CVE-2022-42470 [HIGH] CWE-23: A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
Sources: cvelistv5, nvd

CVE-2022-43946 | HIGH | CVSS 8.1 | ≥ 7.0.0, ≤ 7.0.7; ≥ 6.4.0, ≤ 6.4.10; +2 more | 2023-04-11
CVE-2022-43946 [HIGH] CWE-732: Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allow attackers on the same file sharing network to execute commands via writing data into a Windows pipe.
Sources: cvelistv5, nvd

CVE-2022-40682 | HIGH | CVSS 7.8 | ≥ 7.0.0, ≤ 7.0.7; ≥ 6.4.0, ≤ 6.4.10; +2 more | 2023-04-11
CVE-2022-40682 [HIGH] CWE-863: An incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
Sources: cvelistv5, nvd

CVE-2018-9193 | HIGH | CVSS 7.8 | ≥ 6.0.0, ≤ 6.0.5; v5.6.6 | 2019-05-30
CVE-2018-9193 [HIGH]: A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows.
Sources: cvelistv5, nvd