cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-33878,https://securityvulnerability.io/vulnerability/CVE-2022-33878,Sensitive Information Exposure in FortiClient for Mac,"A vulnerability in FortiClient for Mac versions 7.0.0 through 7.0.5 allows localized authenticated attackers to access sensitive information, specifically the SSL-VPN password, in cleartext. This can be achieved by executing a logstream command for the FortiTray process through the terminal, presenting a significant risk if exploited. Ensuring secure coding practices and appropriate user access controls can help mitigate this issue.",Fortinet,Fortinet Forticlientmac,2.2,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-11-02T00:00:00.000Z,0
CVE-2021-41028,https://securityvulnerability.io/vulnerability/CVE-2021-41028,Man-in-the-middle Attack Vulnerability in Fortinet FortiClient Products,"The vulnerability arises from the use of hard-coded cryptographic keys in versions of FortiClientEMS and improper certificate validation in FortiClient for Windows, Linux, and Mac. This flawed implementation enables an unauthenticated and network-adjacent attacker to potentially execute a man-in-the-middle attack through the telemetry protocol, compromising secure communication between the EMS and FortiClient.",Fortinet,"Fortinet Forticlientems, Forticlientwindows, Forticlientlinux, Forticlientmac",8.2,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2021-12-16T18:13:38.000Z,0
CVE-2021-42754,https://securityvulnerability.io/vulnerability/CVE-2021-42754,Improper Control of Code Generation in FortiClient for MacOS,"An improper control of code generation vulnerability exists in FortiClient for MacOS, affecting versions 7.0.0 and below, as well as 6.4.5 and below. This flaw enables authenticated attackers to potentially hijack the MacOS camera without the user's consent by using a malicious dynamic library (dylib) file. Users should ensure they are running the latest version of the software to mitigate the risk of exploitation.",Fortinet,Fortinet Forticlientmac,3.2,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-02T18:56:19.000Z,0
CVE-2021-26089,https://securityvulnerability.io/vulnerability/CVE-2021-26089,Improper Symlink Following in FortiClient for Mac by Fortinet,"An improper symlink following vulnerability exists in FortiClient for Mac, allowing non-privileged users to execute arbitrary privileged shell commands during the installation phase. This could potentially lead to unauthorized access and manipulation of system commands, posing significant security risks. Users of FortiClient versions 6.4.3 and earlier should update their installations to mitigate these risks.",Fortinet,Fortinet Forticlientmac,6.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-07-12T12:48:01.000Z,0