cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-44167,https://securityvulnerability.io/vulnerability/CVE-2021-44167,Improper Permission Assignment in FortiClient for Linux,"A vulnerability exists in FortiClient for Linux versions 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, and 7.0.2 and below due to incorrect permission assignments on critical resources. This flaw allows unauthenticated attackers to exploit symbolic links, potentially gaining unauthorized access to sensitive information contained in log files and directories, posing a significant security risk.",Fortinet,Fortinet Forticlientlinux,6.8,MEDIUM,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-05-11T14:25:10.000Z,0
CVE-2021-22127,https://securityvulnerability.io/vulnerability/CVE-2021-22127,Improper Input Validation in FortiClient for Linux Products,"An input validation issue in FortiClient for Linux allows unauthenticated attackers to potentially execute arbitrary code on the host operating system with root privileges. This vulnerability arises when a user connects to a network that has been maliciously named, thereby enabling threat actors to exploit this flaw. The affected versions include 6.4.x before 6.4.3 and 6.2.x before 6.2.9, emphasizing the need for prompt updates to ensure system security.",Fortinet,Fortinet Forticlientlinux,7.1,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2022-04-06T16:00:33.000Z,0
CVE-2021-43205,https://securityvulnerability.io/vulnerability/CVE-2021-43205,Information Exposure Vulnerability in FortiClient for Linux by Fortinet,"FortiClient for Linux has a vulnerability that can expose sensitive information to unauthorized users. Specifically, versions 7.0.2 and earlier, as well as 6.4.7 and 6.2.9 are affected. An unauthenticated attacker can potentially access the confighandler webserver via external binaries, posing a risk of sensitive data being compromised. Organizations using these versions should consider updating to mitigate this risk.",Fortinet,Fortinet Forticlientlinux,4.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-04-06T09:15:36.000Z,0
CVE-2021-41028,https://securityvulnerability.io/vulnerability/CVE-2021-41028,Man-in-the-middle Attack Vulnerability in Fortinet FortiClient Products,"The vulnerability arises from the use of hard-coded cryptographic keys in versions of FortiClientEMS and improper certificate validation in FortiClient for Windows, Linux, and Mac. This flawed implementation enables an unauthenticated and network-adjacent attacker to potentially execute a man-in-the-middle attack through the telemetry protocol, compromising secure communication between the EMS and FortiClient.",Fortinet,"Fortinet Forticlientems, Forticlientwindows, Forticlientlinux, Forticlientmac",8.2,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2021-12-16T18:13:38.000Z,0
CVE-2019-16155,https://securityvulnerability.io/vulnerability/CVE-2019-16155,Privilege Escalation Vulnerability in FortiClient for Linux by Fortinet,"FortiClient for Linux versions 6.2.1 and earlier exhibit a vulnerability that allows users with low privileges to execute arbitrary file overwrites as root. This occurs via specially crafted 'BackupConfig' IPC client requests directed at the fctsched process, enabling unauthorized modifications to system files. Moreover, versions 6.2.2 and earlier permit low privilege users to write to system backup files through the GUI, resulting in potential root access and system instability. These weaknesses highlight significant risks in maintaining system integrity and protecting sensitive data.",Fortinet,Fortinet Forticlientlinux,7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-02-07T14:47:28.000Z,0
CVE-2019-16152,https://securityvulnerability.io/vulnerability/CVE-2019-16152,Denial of Service Vulnerability in FortiClient for Linux,"A Denial of Service vulnerability exists in FortiClient for Linux versions 6.2.1 and earlier. This issue allows an attacker with low privileges to destabilize FortiClient's processes that run with root privileges. The vulnerability occurs due to improper validation of inter-process communication (IPC) client requests sent to the fctsched process, leading to potential system crashes. It is crucial for users to apply updates or patches from Fortinet to remediate this security concern and protect their systems.",Fortinet,Fortinet Forticlientlinux,6.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2020-02-06T15:27:36.000Z,0
CVE-2019-17652,https://securityvulnerability.io/vulnerability/CVE-2019-17652,Stack Buffer Overflow in FortiClient for Linux by Fortinet,"A stack buffer overflow vulnerability exists in FortiClient for Linux versions 6.2.1 and earlier, allowing a low-privilege user to send specially crafted IPC requests to the fctsched process. This improper sanitization of the argv data can lead to crashes in FortiClient processes running with root privileges, potentially disrupting the security features of the software.",Fortinet,Fortinet Forticlientlinux,6.5,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2020-02-06T15:23:33.000Z,0
CVE-2019-15711,https://securityvulnerability.io/vulnerability/CVE-2019-15711,Privilege Escalation Vulnerability in FortiClient for Linux,"A privilege escalation issue exists in FortiClient for Linux that could enable low-privileged users to execute system commands with root privileges. This vulnerability arises from the improper handling of specially crafted 'ExportLogs' IPC client requests by the fctsched process, potentially allowing unauthorized actions that compromise system security.",Fortinet,Fortinet Forticlientlinux,7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2020-02-06T15:10:07.000Z,0