Unrated severityNVD Advisory· Published Oct 14, 2025· Updated Feb 26, 2026
CVE-2025-31365
CVE-2025-31365
Description
An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:fortinet:forticlientmac:7.4.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:fortinet:forticlientmac:7.4.3:*:*:*:*:*:*:*range: 7.4.0
- (no CPE)range: >=7.2.1 <=7.2.8 or >=7.4.0 <=7.4.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.