Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-17658

Summary
Assigner-fortinet
Assigner Org ID-6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At-12 Mar, 2020 | 21:26
Updated At-25 Oct, 2024 | 14:26
Rejected At-
Credits

An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:fortinet
Assigner Org ID:6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At:12 Mar, 2020 | 21:26
Updated At:25 Oct, 2024 | 14:26
Rejected At:
▼CVE Numbering Authority (CNA)

An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

Affected Products
Vendor
Fortinet, Inc.Fortinet
Product
Fortinet FortiClientWindows
Versions
Affected
  • 6.2.2 and prior
Problem Types
TypeCWE IDDescription
textN/AEscalation of privilege
Type: text
CWE ID: N/A
Description: Escalation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://fortiguard.com/advisory/FG-IR-19-281
x_refsource_CONFIRM
Hyperlink: https://fortiguard.com/advisory/FG-IR-19-281
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://fortiguard.com/advisory/FG-IR-19-281
x_refsource_CONFIRM
x_transferred
Hyperlink: https://fortiguard.com/advisory/FG-IR-19-281
Resource:
x_refsource_CONFIRM
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@fortinet.com
Published At:12 Mar, 2020 | 22:15
Updated At:29 Apr, 2021 | 15:57

An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

Fortinet, Inc.
fortinet
>>forticlient>>Versions from 6.0.0(inclusive) to 6.0.9(inclusive)
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
Fortinet, Inc.
fortinet
>>forticlient>>Versions from 6.2.0(inclusive) to 6.2.2(inclusive)
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
CWE-428Primarynvd@nist.gov
CWE ID: CWE-428
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://fortiguard.com/advisory/FG-IR-19-281psirt@fortinet.com
Vendor Advisory
Hyperlink: https://fortiguard.com/advisory/FG-IR-19-281
Source: psirt@fortinet.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

92Records found

CVE-2019-6698
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 76.08%
||
7 Day CHG~0.00%
Published-23 Aug, 2019 | 19:58
Updated-25 Oct, 2024 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortirecorder_200dfortirecorder_firmwarefortirecorder_100dfortirecorder_400dFortinet FortiRecorder
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-37936
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.28% / 50.62%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:09
Updated-31 Jan, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiswitchFortiSwitch
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-47575
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-90.64% / 99.60%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 15:03
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-11-13||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimanager_cloudfortimanagerFortiManagerFortiManager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-36548
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-1.41% / 79.70%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 16:51
Updated-19 Sep, 2024 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-36550
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-1.41% / 79.70%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 16:51
Updated-19 Sep, 2024 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLMfortiwlm
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25256
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-18.91% / 95.08%
||
7 Day CHG+2.45%
Published-12 Aug, 2025 | 18:59
Updated-16 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortiSIEM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-36549
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8.6||HIGH
EPSS-1.94% / 82.69%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 16:50
Updated-17 Sep, 2024 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLMfortiwlm
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-36554
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-7.7||HIGH
EPSS-0.20% / 42.47%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 15:09
Updated-02 Aug, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimanagerFortiManagerfortimanager
CWE ID-CWE-284
Improper Access Control
CVE-2023-36553
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.82% / 82.15%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:05
Updated-22 Oct, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortiSIEM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-36547
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-1.41% / 79.70%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 16:51
Updated-19 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLMfortiwlm
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25257
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-47.71% / 97.62%
||
7 Day CHG+1.92%
Published-17 Jul, 2025 | 15:10
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-08-08||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWebFortiWeb
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-34990
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-28.79% / 96.37%
||
7 Day CHG~0.00%
Published-18 Dec, 2024 | 12:44
Updated-05 Jun, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLM
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-34991
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-8.02% / 91.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:07
Updated-22 Oct, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.0 through 8.4.2 and 8.3.0 through 8.3.2 and 8.2.2 allows attacker to execute unauthorized code or commands via a crafted http request.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortiWLM
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-34992
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-77.87% / 98.96%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 16:50
Updated-02 Aug, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortiSIEMfortisiem
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-22252
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9||CRITICAL
EPSS-0.10% / 28.97%
||
7 Day CHG~0.00%
Published-28 May, 2025 | 07:55
Updated-29 May, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass.

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiProxyFortiSwitchManagerFortiOS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-16153
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.37%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 16:39
Updated-25 Oct, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortinet FortiSIEM
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33299
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-9.99% / 92.75%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 07:46
Updated-23 Oct, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortinacFortiNAC
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-33308
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-5.93% / 90.27%
||
7 Day CHG~0.00%
Published-26 Jul, 2023 | 14:00
Updated-23 Oct, 2024 | 13:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxy
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-55591
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-94.25% / 99.92%
||
7 Day CHG+0.01%
Published-14 Jan, 2025 | 14:08
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-01-21||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxyFortiOS and FortiProxy
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2022-39952
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-93.10% / 99.78%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortinacFortiNAC
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2018-13379
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.1||CRITICAL
EPSS-94.47% / 100.00%
||
7 Day CHG~0.00%
Published-04 Jun, 2019 | 20:18
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortinet FortiOS, FortiProxyFortiOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-1352
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.50% / 65.11%
||
7 Day CHG~0.00%
Published-08 Feb, 2019 | 18:00
Updated-25 Oct, 2024 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortiosn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2021-42760
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.70%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 11:31
Updated-25 Oct, 2024 | 13:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclose sensitive information from DB tables via crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortinet FortiWLM
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-42756
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-82.16% / 99.17%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-32586
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-7.7||HIGH
EPSS-0.44% / 62.13%
||
7 Day CHG~0.00%
Published-01 Mar, 2022 | 18:20
Updated-25 Oct, 2024 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimailFortinet FortiMail
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7336
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.94% / 75.31%
||
7 Day CHG~0.00%
Published-22 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwlmFortinet FortiWLM
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-36186
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.95%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 18:35
Updated-25 Oct, 2024 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-32588
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-31.05% / 96.59%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 21:30
Updated-25 Oct, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiportalFortinet FortiPortal
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-23108
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.7||CRITICAL
EPSS-88.41% / 99.47%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 13:26
Updated-24 Apr, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisiemFortiSIEMfortisiem
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-26102
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-14.85% / 94.27%
||
7 Day CHG+1.01%
Published-19 Dec, 2024 | 13:56
Updated-21 Jan, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwanFortiWAN
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-26109
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8.1||HIGH
EPSS-1.34% / 79.25%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 12:22
Updated-25 Oct, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortinet FortiOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-24020
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.75%
||
7 Day CHG~0.00%
Published-09 Jul, 2021 | 18:17
Updated-25 Oct, 2024 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimailFortinet FortiMail
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-24019
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8.1||HIGH
EPSS-15.19% / 94.34%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 09:41
Updated-22 Oct, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticlient_endpoint_management_serverFortinet FortiClientEMS
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2022-33873
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.23% / 83.87%
||
7 Day CHG~0.00%
Published-10 Oct, 2022 | 00:00
Updated-25 Oct, 2024 | 13:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to execute arbitrary command in the underlying shell.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortitesterFortinet FortiTester
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-50563
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.22% / 44.83%
||
7 Day CHG+0.03%
Published-16 Jan, 2025 | 09:16
Updated-03 Feb, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosfortianalyzerfortimanager_cloudfortimanagerfortianalyzer_cloudFortiManagerFortiAnalyzer
CWE ID-CWE-1390
Weak Authentication
CVE-2024-48887
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.10% / 27.55%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:52
Updated-23 Jul, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiswitchFortiSwitch
CWE ID-CWE-620
Unverified Password Change
CVE-2024-48886
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-8||HIGH
EPSS-0.11% / 30.16%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:09
Updated-03 Feb, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosfortianalyzerfortimanager_cloudfortimanagerfortianalyzer_cloudFortiOSFortiProxy
CWE ID-CWE-1390
Weak Authentication
CVE-2024-47571
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-7.9||HIGH
EPSS-0.48% / 64.01%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:10
Updated-19 Mar, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimanagerFortiManager
CWE ID-CWE-672
Operation on a Resource after Expiration or Release
CVE-2020-14521
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.3||HIGH
EPSS-0.24% / 47.41%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-16 Apr, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-melsoft_complete_clean_up_toolgot1000_series_gt10network_interface_board_cc_ie_control_utility_firmwaregot1000_series_gt12fr_configurator_sw3motorizergx_works3got1000_series_gt25gt_designer3network_interface_board_mneth_utility_firmwarecc-link_ie_tsn_data_collectorgot1000_series_gt15network_interface_board_cc-link_ver.2_utility_firmwarec_controller_interface_module_utilitysetting\/monitoring_tools_for_the_c_controller_modulegot1000_series_gt23data_transferezsocketm_commdtm-io-linkmx_mesinterface-rgot1000_series_gt27gt_softgot1000melsoft_em_software_development_kitc_controller_module_setting_and_monitoring_toolcc-link_ie_control_network_data_collectorrt_toolbox3position_board_utility_2fr_configurator2mtconnect_data_collectormx_componentmelfa-worksmelsoft_iq_appportalgot1000_series_gt14network_interface_board_cc_ie_field_utility_firmwarenetwork_interface_board_cc_ie_control_utilitygx_logviewermt_works2mx_mesinterfacecc-link_ie_field_network_data_collectormotion_control_settingpx_developerslmp_data_collectormx_sheetcw_configuratornetwork_interface_board_mneth_utilitycpu_module_logging_configuration_toolgt_designer2_classicmelsec_wincpu_setting_utilitymelsoft_navigatorgt_softgot2000got1000_series_gt21network_interface_board_cc-link_ver.2_utilitynetwork_interface_board_cc_ie_field_utilitygx_works2mr_configurator2got1000_series_gt16mi_configuratorrt_toolbox2got1000_series_gt11gx_developerGT Designer3 Version1 (GOT1000)GX LogViewerMI ConfiguratorCC-Link IE TSN Data CollectorFR Configurator SW3CC-Link IE Control Network Data CollectorMX MESInterfaceMotorizerNetwork Interface Board CC IE Field UtilityData TransferMELSOFT EM Software Development KitCC-Link IE Field Network Data CollectorMELSOFT iQ AppPortalMT Works2RT ToolBox2MR Configurator2MX SheetMotion Control SettingEZSocketNetwork Interface Board CC IE Control UtilityGX Works2CPU Module Logging Configuration ToolGX DeveloperPX DeveloperGT SoftGOT2000 Version1GT Designer3 Version1 (GOT2000)GT SoftGOT1000 Version3GX Works3RT ToolBox3MELSOFT NavigatorM_CommDTM-IO-LinkNetwork Interface Board MNETH UtilityFR Configurator2MELSOFT Complete Clean Up ToolSLMP Data CollectorCW ConfiguratorMELFA-WorksSetting/Monitoring tools for the C Controller moduleMELSEC WinCPU Setting UtilityMTConnect Data CollectorC Controller Interface Module UtilityGT Designer2 ClassicMX ComponentMX MESInterface-RPosition Board utility 2Network Interface Board CC-Link Ver.2 Utility
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-8459
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-0.50% / 65.11%
||
7 Day CHG~0.00%
Published-20 Jun, 2019 | 16:50
Updated-04 Aug, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.

Action-Not Available
Vendor-Check Point Software Technologies Ltd.
Product-capsule_docs_standalone_clientendpoint_security_server_packageendpoint_security_clientssmartconsole_for_endpoint_security_serverjumbo_hotfix_for_endpoint_security_serverremote_access_clientsCheck Point Endpoint Security Client for Windows, VPN blade
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-38408
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-73.01% / 98.73%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 00:00
Updated-15 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Action-Not Available
Vendor-n/aOpenBSDFedora Project
Product-fedoraopensshn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-36344
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.71% / 71.38%
||
7 Day CHG~0.00%
Published-16 Aug, 2022 | 07:03
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect.

Action-Not Available
Vendor-justsystemsJustSystems Corporation
Product-atok_pro_5just_office_4just_school_7hanako_police_6just_school_6just_jump_classjust_police_5atok_medical_3just_pdf_3just_note_4just_government_3shuriken_pro_7shuriken_pro_6hanako_pro_5just_police_2just_smile_class_2just_office_2just_calc_4hanako_police_7just_office_3ichitaro_government_9hanako_pro_3ichitaro_pro_5just_medical_3just_smile_7just_police_3just_office_5just_focus_4just_note_3just_calc_5just_medical_4atok_medical_2hanako_police_5just_government_4just_pdf_4ichitaro_pro_4just_smile_6just_note_5just_calc_3just_jump_class_2atok_pro_4homepage_builder_21ichitaro_pro_3homepage_builder_22atok_pro_3ichitaro_government_10homepage_builder_20just_focus_3tri-de_dataprotectjust_medical_2just_medical_5just_frontier_3just_pdf_5just_government_2just_government_5just_smile_8ichitaro_government_8hanako_pro_4just_police_4just_jump_8JustSystems JUST Online Update for J-License'
CWE ID-CWE-428
Unquoted Search Path or Element
  • Previous
  • 1
  • 2
  • Next
Details not found