Vulnerabilities > Fortinet > Forticlient > 6.0.10

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2022-40681 Incorrect Authorization vulnerability in Fortinet Forticlient
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe.
local
low complexity
fortinet CWE-863
7.1
7.1
2023-04-11 CVE-2022-40682 Incorrect Authorization vulnerability in Fortinet Forticlient
A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
local
low complexity
fortinet CWE-863
7.8
7.8
2023-04-11 CVE-2022-42470 Path Traversal vulnerability in Fortinet Forticlient
A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.
local
low complexity
fortinet CWE-22
7.8
7.8
2023-04-11 CVE-2022-43946 Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Forticlient
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe.
network
high complexity
fortinet CWE-732
8.1
8.1
2022-05-11 CVE-2021-43066 Exposure of Resource to Wrong Sphere vulnerability in Fortinet Forticlient
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.
local
low complexity
fortinet CWE-668
4.6
4.6
2022-04-06 CVE-2021-44169 Improper Initialization vulnerability in Fortinet Forticlient
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.
local
low complexity
fortinet CWE-665
4.6
4.6