Fortinet Fortiedr
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Fortinet Fortiedr.
By the Year
In 2025 there have been 0 vulnerabilities in Fortinet Fortiedr. Fortiedr did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 6.80 |
| 2022 | 4 | 6.68 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Fortiedr vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fortinet Fortiedr Security Vulnerabilities
An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may
CVE-2023-44248
5.5 - Medium
- November 14, 2023
An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.
A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1
CVE-2023-33303
8.1 - High
- October 13, 2023
A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands via api request
Insufficient Session Expiration
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0
CVE-2022-29057
5.4 - Medium
- July 19, 2022
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Management Console via various endpoints.
XSS
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may
CVE-2022-23440
7.8 - High
- April 06, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment.
Use of Hard-coded Credentials
A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier
CVE-2022-23446
4.4 - Medium
- April 06, 2022
A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission.
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may
CVE-2022-23441
9.1 - Critical
- April 06, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors.
Use of Hard-coded Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fortinet Fortiedr or by Fortinet? Click the Watch button to subscribe.
