Andrzej_PL
Visitor III
November 28, 2024
Solved

FortiClientEMS v7.2.6 - CVE-2024-11236 Out of Bounds Write Vulnerability


Hi,

I'm testing the FortiClient EMS solution on a trial license. After updating to version 7.2.6, the system detected the PHP CVE-2024-11236 Out of Bounds Write Vulnerability. Is there a way to report this to have the vulnerable application version updated?

Best answer by dingjerry_FTNT


5 replies

sjoshi
Staff
November 28, 2024

Hi,

Please refer to:

https://www.fortiguard.com/encyclopedia/endpoint-vuln/82436

I do not see that FortiClient EMS is affected.

Thanks, Salon
Andrzej_PL
Visitor III
November 28, 2024

OK, but it is a scan result on the EMS server; version 7.2.6 is on the Windows platform.

(screenshot: Zrzut ekranu 2024-11-28 150916.png)

sjoshi
Staff
November 28, 2024

Is this FortiClient installed on the Windows server where the EMS server is set up?

Thanks, Salon
dingjerry_FTNT
Staff
December 2, 2024

Hi @Andrzej_PL,

Thanks for reporting this vulnerability.

We have Mantis 1089768 tracking this issue. The fix will be included in FortiClient EMS 7.2.7 GA.

Andrzej_PL
Visitor III
December 13, 2024

Hi,

Unfortunately, the problem remains in the new client version 7.2.7; the version of the PHP application with the given vulnerability is still used. php.exe must be version 8.3.14, and it is 8.3.13.

(screenshots: Zrzut ekranu 2024-12-13 100626.png, Zrzut ekranu 2024-12-13 095428.png, Zrzut ekranu 2024-12-13 095344.png)

CARCAL
Explorer
August 9, 2025

Hi,

Unfortunately, the problem still remains in the new client version 7.2.11.1241; the version of the PHP application with the given vulnerability is 8.3.14, as you can see below.

On the same machine, with Windows Server 2022, I also have the FortiClient EMS Console 7.2.10 build 1222 version installed.

(screenshot: PHP CVE FortiClient Medium.png)

(screenshot: PHP CVE FortiClient High.png)

funkylicious
SuperUser
August 9, 2025

Maybe it's time for EMS 7.4.x, which runs on Ubuntu.

"jack of all trades, master of none"
FWKing18
New Member
February 3, 2026

(screenshot: EMS.png)

I know how to fix it!

  1. Go to https://windows.php.net/download
  2. Download the zip file for the latest x86 version of PHP (NOT the TOP SOURCE code) from the same branch as what is currently on your EMS Server.
    • In the example above, you would download the latest 8.3.x x86 build of PHP, since the PHP is under Program Files (x86).. Fortinet
  3. Cut and paste the old version onto the desktop. Then, from the downloaded zip, get the new PHP.exe file, version 8.3.29, and use it to replace 8.3.23.

If you keep downloading newer versions of FortiClientEMS 7.2.11, 7.2.12, 7.2.13 etc., you'll keep chasing the PHP 8.3.x versions indefinitely.
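Before swapping binaries as described in the post above, it helps to know exactly which PHP build EMS ships. The following script is an added example, not code from the thread or from Fortinet: it inventories the bundled PHP runtime, compares it against the first fixed version cited in this thread (8.3.14), and reports thread safety and bitness so a replacement download can be matched. It assumes the install root lives under "Program Files (x86)\Fortinet" (as mentioned above) and the standard Windows PHP layout, in which php.exe is a small launcher that loads the engine from php8.dll or php8ts.dll beside it.

```powershell
# Added example: inventory the PHP runtime bundled with FortiClient EMS and flag
# anything below the first fixed release named in the thread (8.3.14).
# Assumed install root: Program Files (x86)\Fortinet (searched recursively).
# Assumed layout: php.exe launcher next to the engine DLL (php8.dll / php8ts.dll).
function ConvertTo-VersionOrNull([string]$Text) {
    # Keep only the leading numeric part, e.g. "8.3.13-dev" -> "8.3.13".
    $clean = ($Text -replace '[^0-9.].*$', '').Trim('.')
    if ($clean -match '^\d+(\.\d+){1,3}$') { [version]$clean } else { $null }
}
function Get-BundledPhpStatus {
    param(
        [string]$Root = (Join-Path ${env:ProgramFiles(x86)} 'Fortinet'),
        [version]$MinimumVersion = [version]'8.3.14'
    )
    $launchers = Get-ChildItem -Path $Root -Filter 'php.exe' -Recurse -File -ErrorAction SilentlyContinue
    foreach ($exe in $launchers) {
        # Ask the runtime itself: PHP_VERSION comes from the engine DLL that php.exe
        # loads, PHP_ZTS is 1 for thread-safe (TS) builds, PHP_INT_SIZE is 4 on x86
        # and 8 on x64. -n skips php.ini so a missing extension cannot abort the probe.
        $runtime = $null; $threadSafe = $null; $arch = $null
        try {
            $probe = & $exe.FullName -n -r "echo PHP_VERSION.'|'.PHP_ZTS.'|'.PHP_INT_SIZE;" 2>$null
            if ($LASTEXITCODE -eq 0 -and $probe) {
                $parts = "$probe".Trim() -split '\|'
                $runtime = ConvertTo-VersionOrNull $parts[0]
                $threadSafe = ($parts[1] -eq '1')
                $arch = if ($parts[2] -eq '8') { 'x64' } else { 'x86' }
            }
        } catch { }
        # Version resources: the launcher is what a file-based scanner reads; the
        # engine DLL beside it is what a php.exe-only swap leaves behind.
        $launcherVer = ConvertTo-VersionOrNull $exe.VersionInfo.ProductVersion
        $dll = Get-ChildItem -Path $exe.DirectoryName -Filter 'php8*.dll' -File -ErrorAction SilentlyContinue |
            Select-Object -First 1
        $dllVer = if ($dll) { ConvertTo-VersionOrNull $dll.VersionInfo.ProductVersion } else { $null }
        $dllName = if ($dll) { $dll.Name } else { 'not found' }
        $below = ($null -ne $runtime -and $runtime -lt $MinimumVersion) -or
                 ($null -ne $dllVer -and $dllVer -lt $MinimumVersion) -or
                 ($null -ne $launcherVer -and $launcherVer -lt $MinimumVersion)
        [pscustomobject]@{
            Path = $exe.FullName; LauncherVersion = $launcherVer
            EngineDll = $dllName; EngineVersion = $dllVer; RuntimeVersion = $runtime
            ThreadSafe = $threadSafe; Architecture = $arch; BelowMinimum = $below
        }
    }
}
Get-BundledPhpStatus | Format-List
```

A replacement build must match the ThreadSafe and Architecture columns of the existing runtime, and if EngineVersion still trails LauncherVersion after a swap, only php.exe was replaced while the engine DLL that contains the affected code stayed at the old version.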

FWKing18
New Member
February 3, 2026

(screenshot: php location.png)

In reference to my comment above, this is the location from which I got the ZIP file. My FortiClientEMS is version 7.2.13, and the PHP files inside are 8.3.23. I think I chose thread safe; not sure what that means vs. non-thread safe. The PHP file located inside was 8.3.29. It worked!