FortiClient VPN version 7.4 vulnerabilities

View all applications
Patching for Windows Mac Linux

CVE Vulnerabilities for FortiClient VPN

CVE	Published	Severity	Details	Exploitability	Impact	Vector
CVE‑2025‑57741	2025‑10‑14 16:15:40	HIGH (8)	An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking.	2	6	LOCAL
CVE‑2025‑57716	2025‑10‑14 16:15:40	MEDIUM (7)	An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.	1	6	LOCAL
CVE‑2025‑46774	2025‑10‑14 16:15:39	HIGH (8)	An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate their privileges via FortiClient related executables.	1	6	LOCAL
CVE‑2025‑31365	2025‑10‑14 16:15:37	MEDIUM (6)	An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website.	2	4	NETWORK
CVE‑2025‑25251	2025‑05‑28 08:15:21	HIGH (8)	An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages.	2	6	LOCAL
CVE‑2025‑24473	2025‑05‑28 08:15:21	LOW (4)	A exposure of sensitive system information to an unauthorized control sphere in Fortinet FortiClientWindows versions 7.2.0 through 7.2.1 may allow an unauthorized remote attacker to view application information via navigation to a hosted webpage, if Windows is configured to accept incoming connections to port 8053 (non-default setup)	2	1	NETWORK
CVE‑2024‑54019	2025‑06‑10 17:19:40	MEDIUM (5)	A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection.	2	3	NETWORK
CVE‑2024‑52968	2025‑02‑11 17:15:23	MEDIUM (7)	An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password.	1	6	LOCAL
CVE‑2024‑50570	2024‑12‑18 13:15:07	MEDIUM (5)	A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector	1	4	LOCAL
CVE‑2024‑50564	2025‑01‑14 14:15:33	LOW (3)	A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.	2	1	LOCAL
CVE‑2024‑47574	2024‑11‑13 12:15:16	HIGH (8)	A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.	2	6	LOCAL
CVE‑2024‑40592	2024‑11‑12 19:15:11	HIGH (8)	An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process.	1	6	LOCAL
CVE‑2024‑40586	2025‑02‑11 17:15:23	MEDIUM (7)	An Improper Access Control vulnerability [CWE-284] in FortiClient Windows version 7.4.0, version 7.2.6 and below, version 7.0.13 and below may allow a local user to escalate his privileges via FortiSSLVPNd service pipe.	1	6	LOCAL
CVE‑2024‑36513	2024‑11‑12 19:15:11	HIGH (8)	A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.	2	6	LOCAL
CVE‑2024‑36507	2024‑11‑12 19:15:10	HIGH (7)	A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.	1	6	LOCAL
CVE‑2024‑35282	2024‑09‑10 15:15:16	MEDIUM (5)	A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain cleartext passwords via keychain dump.	1	4	PHYSICAL
CVE‑2024‑31492	2024‑04‑10 13:51:39	HIGH (8)	An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.	2	6	LOCAL
CVE‑2024‑31489	2024‑09‑10 15:15:16	MEDIUM (7)	AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation	2	5	ADJACENT_NETWORK
CVE‑2023‑45590	2024‑04‑09 15:15:28	CRITICAL (10)	An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website	3	6	NETWORK
CVE‑2023‑45588	2025‑03‑14 16:15:28	HIGH (8)	An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.	2	6	LOCAL
CVE‑2023‑41840	2023‑11‑14 18:15:53	HIGH (8)	A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path.	2	6	LOCAL
CVE‑2023‑33304	2023‑11‑14 18:15:30	MEDIUM (4)	A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.	1	4	LOCAL
CVE‑2023‑22635	2023‑04‑11 17:15:08	HIGH (8)	A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.	2	6	LOCAL
CVE‑2022‑45856	2024‑09‑10 15:15:14	MEDIUM (6)	An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to man-in-the-middle the communication between the FortiClient and both the service provider and the identity provider.	2	4	NETWORK
CVE‑2022‑43946	2023‑04‑11 17:15:08	HIGH (8)	Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe.	2	6	NETWORK
CVE‑2022‑42470	2023‑04‑11 17:15:08	HIGH (8)	A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.	2	6	LOCAL
CVE‑2022‑40682	2023‑04‑11 17:15:07	HIGH (8)	A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.	2	6	LOCAL
CVE‑2022‑40681	2023‑11‑14 19:15:13	HIGH (7)	A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to cause denial of service via sending a crafted request to a specific named pipe.	2	5	LOCAL
CVE‑2022‑33878	2022‑11‑02 12:15:53	MEDIUM (6)	An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.	2	4	LOCAL
CVE‑2022‑33877	2023‑06‑13 09:15:14	MEDIUM (6)	An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder.	2	4	LOCAL
CVE‑2022‑26113	2022‑07‑19 14:15:08	HIGH (8)	An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.10 may allow a local attacker to perform an arbitrary file write on the system.	3	5	LOCAL
CVE‑2021‑44169	2022‑04‑06 10:15:08	HIGH (8)	A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.	2	6	LOCAL
CVE‑2021‑44167	2022‑05‑11 15:15:09	MEDIUM (7)	An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.	3	4	LOCAL
CVE‑2021‑43205	2022‑04‑06 10:15:08	MEDIUM (5)	An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries.	4	1	NETWORK
CVE‑2021‑43204	2021‑12‑09 09:15:07	MEDIUM (4)	A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.	1	4	LOCAL
CVE‑2021‑43066	2022‑05‑11 16:15:09	HIGH (8)	A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.	2	6	LOCAL
CVE‑2021‑42754	2021‑11‑02 19:15:08	MEDIUM (5)	An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file.	1	4	LOCAL
CVE‑2021‑41031	2022‑07‑18 18:15:09	HIGH (8)	A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service.	2	6	LOCAL
CVE‑2021‑41028	2021‑12‑16 19:15:08	HIGH (8)	A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.	2	6	ADJACENT_NETWORK
CVE‑2021‑36183	2021‑11‑02 19:15:08	HIGH (8)	An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.	2	6	LOCAL
CVE‑2021‑36167	2021‑12‑09 10:15:11	MEDIUM (5)	An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id paramater.	4	1	NETWORK
CVE‑2021‑32592	2021‑12‑01 12:15:08	HIGH (8)	An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.	2	6	LOCAL
CVE‑2021‑26089	2021‑07‑12 13:15:08	MEDIUM (7)	An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.	1	6	LOCAL
CVE‑2021‑22127	2022‑04‑06 16:15:08	HIGH (7)	An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious name.	1	6	ADJACENT_NETWORK
CVE‑2020‑9295	2025‑03‑17 14:15:17	MEDIUM (5)	FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 running AV engine version 6.00137 and below may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious files. Based on the samples provided, FortiClient will detect the malicious files upon trying extraction by real-time scanning and FortiGate will detect the malicious archive if Virus Outbreak Prevention is enabled.	3	1	NETWORK
CVE‑2020‑9291	2020‑06‑01 19:15:10	MEDIUM (6)	An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.	3	3	ADJACENT_NETWORK
CVE‑2020‑9290	2020‑03‑15 22:15:15	HIGH (8)	An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.	2	6	LOCAL
CVE‑2020‑15934	2024‑12‑19 11:15:07	HIGH (9)	An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine.	3	6	ADJACENT_NETWORK
CVE‑2019‑6692	2019‑10‑24 14:15:12	HIGH (8)	A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL.	2	6	LOCAL
CVE‑2019‑5589	2019‑05‑28 22:29:01	HIGH (9)	An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.	0	0	NETWORK
CVE‑2019‑17658	2020‑03‑12 22:15:15	CRITICAL (10)	An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.	4	6	NETWORK
CVE‑2019‑17652	2020‑02‑06 16:15:12	MEDIUM (7)	A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type IPC client requests to the fctsched process due the argv data not been well sanitized.	3	4	NETWORK
CVE‑2019‑17650	2019‑11‑21 16:15:13	HIGH (8)	An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.	2	6	LOCAL
CVE‑2019‑16155	2020‑02‑07 15:15:12	HIGH (7)	A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more, FortiClient for Linux 6.2.2 and below allow low privilege user write the system backup file under root privilege through GUI thus can cause root system file overwrite.	2	5	LOCAL
CVE‑2019‑16152	2020‑02‑06 16:15:12	MEDIUM (7)	A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to cause FortiClient processes running under root privilege crashes via sending specially crafted IPC client requests to the fctsched process due the nanomsg not been correctly validated.	3	4	NETWORK
CVE‑2019‑16150	2020‑06‑04 13:15:11	MEDIUM (6)	Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-coded key.	2	4	LOCAL
CVE‑2019‑15711	2020‑02‑06 16:15:12	HIGH (8)	A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportLogs" type IPC client requests to the fctsched process.	2	6	LOCAL
CVE‑2019‑15704	2019‑11‑21 15:15:14	MEDIUM (6)	A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.	2	4	LOCAL
CVE‑2018‑9195	2019‑11‑21 15:15:12	MEDIUM (6)	Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.	2	4	NETWORK
CVE‑2018‑9193	2019‑05‑30 17:29:00	HIGH (8)	A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows.	2	6	LOCAL
CVE‑2018‑9191	2019‑05‑30 17:29:00	MEDIUM (5)	A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attackers to execute unauthorized code or commands via the named pipe responsible for Forticlient updates.	0	0	LOCAL
CVE‑2018‑9190	2019‑02‑08 19:29:00	MEDIUM (5)	A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.	0	0	LOCAL
CVE‑2018‑13368	2019‑05‑30 17:29:00	MEDIUM (5)	A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection.	0	0	LOCAL
CVE‑2017‑7344	2017‑12‑14 18:29:00	HIGH (8)	A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.	0	0	NETWORK
CVE‑2017‑17543	2018‑04‑26 20:29:00	MEDIUM (5)	Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.	0	0	NETWORK
CVE‑2017‑14184	2017‑12‑15 21:29:00	MEDIUM (4)	An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.	0	0	NETWORK
CVE‑2016‑8493	2017‑06‑26 17:29:00	HIGH (9)	In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability.	0	0	NETWORK
CVE‑2015‑7362	2016‑01‑08 19:59:05	HIGH (7)	Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program.	0	0	LOCAL
CVE‑2015‑5737	2015‑09‑03 14:59:08	HIGH (7)	The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.	0	0	LOCAL
CVE‑2015‑5736	2015‑09‑03 14:59:07	HIGH (7)	The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.	0	0	LOCAL
CVE‑2015‑5735	2015‑09‑03 14:59:06	HIGH (7)	The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.	0	0	LOCAL
CVE‑2015‑4077	2015‑09‑03 14:59:00	LOW (2)	The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.	0	0	LOCAL
CVE‑2015‑1570	2015‑02‑10 20:59:05	MEDIUM (4)	The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate.	0	0	NETWORK
CVE‑2015‑1569	2015‑02‑10 20:59:04	MEDIUM (4)	Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.	0	0	NETWORK
CVE‑2015‑1453	2015‑02‑02 16:59:06	MEDIUM (5)	The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.	0	0	NETWORK
CVE‑2013‑4669	2013‑06‑25 14:38:18	MEDIUM (5)	FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem.	0	0	NETWORK

Deep Windows, Mac, and Linux OS patching

Stay out of the "Negligent MSP" label because Lavawall® covers:

30-312 times as many applications as popular RMMs.
"optional" Windows patches, including firmware and drivers
Mac OS and application patches
Linux Kernel, OS, and package patches for more distribution types than we want to admit exist

Select the operating system you care about to find how Lavawall takes care of Operating System, driver, and application patches.
Windows Mac Linux

What applications does Lavawall® monitor?

Lavawall monitors patches for over 7,500 applications. This is a summary of the most popular applications.
Click here for the full list.
Click the applications below for the current version and known vulnerabilities.
Logos are property of their respective trademark holders and are not affiliated with ThreeShield or Lavawall. We have not audited the security of most of the listed tools.

115Chrome

1Password

360Chrome

3CX Call Flow Designer

3CX Desktop App

6.0 .NET SDK

7.0 .NET SDK

7Zip

9.0 .NET SDK

ABS PDF Install

Acronis True Image

Active@ Boot Disk

ActiveState Komodo Edit

ActivityWatch

Adblock Plus

Adobe Acrobat Reader DC

Adobe Audition

Adobe Bridge

Adobe Character Animator

Adobe Connect

Adobe Connect application MSI

Adobe Creative Cloud

Adobe DNG Converter

Adobe Dreamweaver

Adobe Illustrator

Adobe InDesign

Adobe Lightroom

Adobe Photoshop

Advanced IP Scanner

AIMP

AirDroid

AirPort

AlienVault

Alienware Command Center Suite

Alist

Altap Salamander

Amazon Music

Amazon WorkSpaces

Anaconda3

Anchore Syft

AnyDesk

AnyDesk Windows

AnyTXT Searcher

Apache Directory Studio

Apache HTTP Server

Apache NetBeans IDE

Arduino USB Driver

Arm GNU Toolchain

Armagetron Advanced

ArmouryCrate

ArrayFire

Artha

Asana

ASUS drivers and firmware

Atlassian Companion

ATLauncher Setup

Audacity

Autodesk Access

Autodesk Advance Steel

Autodesk AutoCAD Architecture

Autodesk Revit

AutoElevate

AutoHotkey

Automox Agent

Avaya Workplace

AWS VPN Windows

Axcient Backup Agent

Azure VPN Client

BaiduNetdisk

balenaEtcher

BandiView

Bandizip

Basecamp 3

BeeBEEP

Beeftext

Bio-Well

Bitcoin Core

Bitdefender Endpoint

Bitwarden CLI

Bluebeam Revu

Brackets

Brady Workstation

Brave Browser

Brother drivers and firmware

Burp Suite Beta

calibre

Canon My Printer

Care Center Service

Caseware Working Papers

CCleaner

Chocolatey

Chrome Remote Desktop

ChromeOS Stable

Cisco Webex

Citrix Workspace

ClangFormat

Clockify

Cloudflare WARP

Code::Blocks

Composer - PHP Dependency Manager

Conexant drivers and firmware

CrowdStrike Windows Sensor

CurseForge

Cursor

CutePDF Writer

CyberProtectHomeOffice

Datto RMM

Debian

Dell Command

DisplayLink Graphics Driver

Docker Desktop

docuPrinter Pro

DoxCycle

Dropbox

Dymo Connect

Dynamo Core

Elan drivers and firmware

Electrum

Epic Games Launcher

ESET AV Remover

Evernote

Evoluent drivers and firmware

ExpressConnect Drivers

ExpressVPN

FARO LS

FileZilla Client

Firefox

Foobar2000

Formit

FortiClient VPN

FreeCAD

Garmin drivers and firmware

Gimp

Git

GitHub Desktop

Glance Client

Glance Guest

GN Audio drivers and firmware

Go Programming Language

Go Spotify Cli

Google Ads Editor

Google Drive

Google Earth

Google Sheets

Google Slides

GoTo Opener

GoTo Resolve Desktop Console

GoToAssist Expert

Grammarly MacOS

GrampsAIO64

Groovy 2

Guardian Browser

Guitar Pro 6

Heidi Eraser

HeidiSQL

Honeyview

HP Click

HP OCR

Huntress Agent

IcedTea-Web

Inkscape

Insecure Nmap

Intel drivers and firmware

IrfanView

IronPython

ITE Tech drivers and firmware

iTunes

Java 8

KeePass Password Safe 2

Krisp Ai Meeting Manager

Laserbox basic

LastPass Desktop (Installed)

Lenovo Legion Toolkit

Lenovo Vantage

Lexmark International Printer

LibreOffice

Logi Bolt

Logi Options+

Logitech drivers and firmware

Loom

Magic Control Technology drivers and firmware

Malwarebytes

ManageEngine ADSelfService

MAXtoA

Memurai Developer

Edge

Malicious Software Removal

MirrorOp

MongoDB Compass Community

MozBackup

Mozilla Maintenance Service

mutool

MySQL Community Server

MySQL Workbench

Node.js LTS

NordPass

NordVPN

Norton 360

Norton Security

NoSQL Workbench

Notepad++

Nox APP Player

NV Access

NVIDIA GeForce Experience

NVIDIA Graphics Driver

OBS Studio

Obsidian

OpenOffice

OpenShot Video Editor

OpenSSL

OpenVPN Connect v2

Oracle Linux 7.9

Palisade @RISK Platform

Panorama9

PDF Architect

PeaZip

Perimeter 81

Pidgin

PL/SQL Developer

Plex Media Server

PostgreSQL 12

Postman x86_64

PowerBI Desktop

ProFile

Pulse Secure

Putty

Python Launcher

Pythonnet

QBFC

qBittorrent

Questrade Edge

QuickBooks Premier

Rancher Desktop

Raspberry Pi Imager

Reaktek Audio Driver

RealVNC Server

reMarkable

Remote Access

Resource Hacker

RICOH drivers and firmware

RingCentral

Rocks'n'Diamonds

Room Sketcher

SafeNet Authentication

Sage 50 Accounting

ScanSnap Home

ScreenConnect Client

ShowMyPC

SiriKali

SketchUp

Skype

Slacktechnologies Slack

Smart Switch

Sonos Controller

Sophos Endpoint Agent

SourceTree

SpeedFan

Splashtop Sos

SQL Server 2019

SQL Server 2022

Sublime Text 3

SunplusIT drivers and firmware

superpowered.me

Symantec AgentInstall

SyncBackFree

Synology Acvtive Backup for Business

Synology Assistant

TaxCycle

Taxprep Forms

Teamviewer

Tenable Nessus

Tenorshare

Terraformer

Thunderbird

Tidalmusicas Tidal

TightVNC

Titus Classification

TriGrid Windows Connector

Trillian

TruGrid Windows Connector

TunnelBear

U.S. Robotics Corporation Model 5637 Voice Driver

Ubuntu

Umbrella Roaming Client

Valve Steam

VeraCrypt

Visual Studio 2015

Visual Studio 2019

Visual Studio 2022

VLC

VMware Tools

Wildix Integration Service

WinDjView

Windows Defender updates

WinFsp 2023

WinPcap

WinRAR

WireGuard

Wireshark

WordPress.com

X Split Gamecaster

XAMPP 8.1

Xerox WorkCentre

Xming

XnResize

XnView Classic

XnView MP

Xprotect

Yarn

Yealink USB Connect

Yubikey Manager

Zebra Setup Utilities

Zed Attack Proxy (ZAP)

Zoom

Zwift

Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.