Skip to main content

Forticlientems

10 CVEs product

Monthly

CVE-2026-59836 CRITICAL Act Now

Improper TLS certificate validation in Fortinet FortiClientEMS (Endpoint Management Server) exposes sensitive information to network-positioned attackers across FortiClientEMS 7.2 (all listed builds up to 7.2.14), 7.4.0–7.4.1, and 7.4.3–7.4.5. Because the client fails to properly verify server certificates (CWE-295), an attacker able to intercept EMS communications can decrypt or observe protected traffic to disclose information. There is no public exploit identified at time of analysis and CISA SSVC scores exploitation as 'none', but Fortinet rates the flaw CVSS 9.8, so patching should be prioritized despite the lack of observed exploitation.

Fortinet Information Disclosure Forticlientems
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-59922 HIGH This Week

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet FortiClientEMS 7.4.3 through 7.4.4, FortiClientEMS 7.4.0 through 7.4.1, FortiClientEMS 7.2.0 through 7.2.10, FortiClientEMS 7.0 all versions may allow an authenticated attacker with at least read-only admin permission to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. [CVSS 7.2 HIGH]

Fortinet SQLi Forticlientems
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2024-32119 MEDIUM This Month

A security vulnerability in Fortinet FortiClientEMS (CVSS 4.8). Remediation should follow standard vulnerability management procedures.

Fortinet Authentication Bypass Forticlientems
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2023-48786 MEDIUM This Month

A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests.

Fortinet SSRF Forticlientems
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-22859 MEDIUM This Month

A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Forticlientems Forticlientems Cloud Fortinet
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-22855 LOW Monitor

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Fortinet Forticlientems
NVD
CVSS 3.1
2.7
EPSS
0.2%
CVE-2019-16149 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation in FortiClientEMS version 6.2.0 may allow a remote attacker to execute unauthorized code by injecting malicious payload in the user. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fortinet Forticlientems
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-36510 MEDIUM This Month

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Forticlientems Fortisoar
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-36506 LOW Monitor

An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Forticlientems Forticlientems Cloud
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2024-23106 HIGH This Month

An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Forticlientems
NVD
CVSS 3.1
8.1
EPSS
0.9%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Improper TLS certificate validation in Fortinet FortiClientEMS (Endpoint Management Server) exposes sensitive information to network-positioned attackers across FortiClientEMS 7.2 (all listed builds up to 7.2.14), 7.4.0–7.4.1, and 7.4.3–7.4.5. Because the client fails to properly verify server certificates (CWE-295), an attacker able to intercept EMS communications can decrypt or observe protected traffic to disclose information. There is no public exploit identified at time of analysis and CISA SSVC scores exploitation as 'none', but Fortinet rates the flaw CVSS 9.8, so patching should be prioritized despite the lack of observed exploitation.

Fortinet Information Disclosure Forticlientems
NVD
EPSS 0% CVSS 7.2
HIGH This Week

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet FortiClientEMS 7.4.3 through 7.4.4, FortiClientEMS 7.4.0 through 7.4.1, FortiClientEMS 7.2.0 through 7.2.10, FortiClientEMS 7.0 all versions may allow an authenticated attacker with at least read-only admin permission to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. [CVSS 7.2 HIGH]

Fortinet SQLi Forticlientems
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

A security vulnerability in Fortinet FortiClientEMS (CVSS 4.8). Remediation should follow standard vulnerability management procedures.

Fortinet Authentication Bypass Forticlientems
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests.

Fortinet SSRF Forticlientems
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Forticlientems Forticlientems Cloud +1
NVD
EPSS 0% CVSS 2.7
LOW Monitor

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Fortinet Forticlientems
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation in FortiClientEMS version 6.2.0 may allow a remote attacker to execute unauthorized code by injecting malicious payload in the user. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fortinet Forticlientems
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Forticlientems Fortisoar
NVD
EPSS 0% CVSS 3.7
LOW Monitor

An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Forticlientems Forticlientems Cloud
NVD
EPSS 1% CVSS 8.1
HIGH This Month

An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Forticlientems
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy