CVE-2024-35281 – FortiClientMac and FortiVoiceUCDesktop Code Injection Vulnerability

May 13, 2025

CVE ID : CVE-2024-35281

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variables.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-22859 – FortiClientEMS Relative Path Traversal File Write Vulnerability

Next Article CVE-2024-12533 – Apache Phoenix SecureCore Technology Input Validation Bypass

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2024-35281 – FortiClientMac and FortiVoiceUCDesktop Code Injection Vulnerability

CVE-2025-32897 – Apache Seata (incubating) Untrusted Data Deserialization Vulnerability

CVE-2025-6822 – Code-projects Inventory Management System SQL Injection Vulnerability

Mysterious Disappearance of Cybersecurity Expert Xiaofeng Wang and Wife Triggers FBI Raids

5 vinyl products every collector should have (and why they make such a big difference)

The Elder Scrolls 4: Oblivion Remastered review roundup — Here’s what critics had to say for this remastered edition of one of Bethesda’s classic RPGs

CVE-2025-46236 – Link Software LLC HTML Forms Stored Cross-site Scripting (XSS)

Mobile App Development Policy

CodeSOD: The Variable Toggle

Why 2025 Is the Perfect Time to Invest in AI-Powered Business Solutions🚀

WordPress AI Engine Flaw (CVE-2025-5071): Critical Bug Allows Subscriber-Level Account Takeover

CVE-2024-35281 – FortiClientMac and FortiVoiceUCDesktop Code Injection Vulnerability

Related Posts