Every CVE whose affected-product data names Fortinet Fortiedr, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-23441 — CVSS 9.1 (critical): A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated…
CVE-2023-33303 — CVSS 8.1 (high): A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands…
CVE-2022-23440 — CVSS 7.8 (high): A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1…
CVE-2022-29057 — CVSS 5.4 (medium): A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through…
CVE-2022-39949 — CVSS 4.4 (medium): An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0…
CVE-2022-23446 — CVSS 4.4 (medium): A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole…
CVE-2023-44248 — CVSS 4.4 (medium): An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all…