NotCVE - vendor:"Fortinet" product:"FortiClientMac" version:"7.4.0"

5 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2025-25251

https://notcve.org/view.php?id=CVE-2025-25251

28 May 2025 — An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages. • https://fortiguard.fortinet.com/psirt/FG-IR-25-016 • CWE-863: Incorrect Authorization •

CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-35281

https://notcve.org/view.php?id=CVE-2024-35281

13 May 2025 — An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variables. • https://fortiguard.fortinet.com/psirt/FG-IR-24-025 • CWE-653: Improper Isolation or Compartmentalization •

CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-52968

https://notcve.org/view.php?id=CVE-2024-52968

11 Feb 2025 — An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password. • https://fortiguard.fortinet.com/psirt/FG-IR-24-300 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

CVE-2024-50570

https://notcve.org/view.php?id=CVE-2024-50570

18 Dec 2024 — A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector • https://fortiguard.fortinet.com/psirt/FG-IR-23-278 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-40592

https://notcve.org/view.php?id=CVE-2024-40592

12 Nov 2024 — An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process. An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and ... • https://fortiguard.fortinet.com/psirt/FG-IR-24-022 • CWE-347: Improper Verification of Cryptographic Signature •