Vulnerabilities > Fortinet > Forticlient > 6.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-04 | CVE-2019-16150 | Use of Hard-coded Credentials vulnerability in Fortinet Forticlient Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-coded key. | 5.5 |
| 2020-03-15 | CVE-2020-9290 | Uncontrolled Search Path Element vulnerability in Fortinet Forticlient An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory. | 7.8 |
| 2020-03-12 | CVE-2019-17658 | Unquoted Search Path or Element vulnerability in Fortinet Forticlient An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path. | 9.8 |