CNNVD-202510-1973 Information

CNNVD ID

CNNVD-202510-1973

Related CVE

CVE-2025-31365

• CNNVD Published: 2025-10-14

Description (Chinese)

Fortinet FortiClientMAC是美国飞塔（Fortinet）公司的一款基于macOS平台的安全防护工具。 Fortinet FortiClientMac 7.4.3及之前版本和7.2.8及之前版本存在代码注入漏洞，该漏洞源于代码生成控制不当，可能导致未经验证的攻击者通过诱使用户访问恶意网站执行任意代码。

Description (English)

Fortinet FortiClitMAC is a MacOS-based security protection tool for Fortinet. Fortinet FortiClitMac 7.4.3 and previous versions and 7.2.8 and previous versions had a code-infusion loophole, which stemmed from inadequate code-generation controls and could lead uncertified assailants to enforce random codes by inducing users to access malicious websites.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

飞塔

Published

2025-10-14

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-037 https://access.redhat.com/security/cve/cve-2025-31365

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-037