Vulnerability Details CVE-2023-45590
An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.1%
CVSS Severity
CVSS v3 Score 9.6
Products affected by CVE-2023-45590
-
cpe:2.3:a:fortinet:forticlient:7.0.10
-
cpe:2.3:a:fortinet:forticlient:7.0.3
-
cpe:2.3:a:fortinet:forticlient:7.0.4
-
cpe:2.3:a:fortinet:forticlient:7.0.6
-
cpe:2.3:a:fortinet:forticlient:7.0.7
-
cpe:2.3:a:fortinet:forticlient:7.0.8
-
cpe:2.3:a:fortinet:forticlient:7.0.9
-
cpe:2.3:a:fortinet:forticlient:7.2.0