PT-2026-2479 · Fortinet · Forticlientems

Published 2026-01-13 · Updated 2026-01-14 · CVE-2025-59922

CVSS v3.1: 7.2
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Fortinet FortiClientEMS versions 7.0 through 7.4.4
Fortinet FortiClientEMS versions 7.2.0 through 7.2.10
Fortinet FortiClientEMS versions 7.4.0 through 7.4.1
Fortinet FortiClientEMS versions 7.4.3 through 7.4.4

Description

An improper neutralization of special elements used in an SQL command vulnerability exists. This issue may allow an authenticated attacker with at least read-only admin permission to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests.

Recommendations

Fortinet FortiClientEMS versions 7.0 through 7.4.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiClientEMS versions 7.2.0 through 7.2.10: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiClientEMS versions 7.4.0 through 7.4.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiClientEMS versions 7.4.3 through 7.4.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-59922

Affected Products

Forticlientems