A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips_74.sys". The attacker would need to bypass the Windows heap integrity protections
oryginał ENCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HFortinet Forticlient
APPFortinet7.2.0 – 7.2.9 (bez)7.4.0 – 7.4.4 (bez)
Powiązane podatności
Code injection w Fortinet FortiClientLinux umożliwiający RCE
An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and...
A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, Forti...
An Improper Link Resolution Before File Access ('Link Following') vulnerability [CWE-59] vulnerability in Fort...
An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClien...