CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40592
https://notcve.org/view.php?id=CVE-2024-40592
12 Nov 2024 — An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process. An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and ... • https://fortiguard.fortinet.com/psirt/FG-IR-24-022 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.9EPSS: 0%CPEs: 32EXPL: 0CVE-2022-45856
https://notcve.org/view.php?id=CVE-2022-45856
10 Sep 2024 — An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to man-in-the-middle the communication between the F... • https://fortiguard.fortinet.com/psirt/FG-IR-22-230 • CWE-295: Improper Certificate Validation •