Fortinet Forticlient 6.0.4 Remote Code Execution Vulnerability

Summary

A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the parsing of the file.

Credit:

The information has been provided by Kevin Joensen
The original article can be found at: https://fortiguard.com/advisory/FG-IR-18-108


Details

A researcher has disclosed several vulnerabilities against FortiClient for Windows, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows.

Vulnerable Systems:

  • Fortinet Forticlient 6.0.4

CVE Information:

CVE-2019-9193

Disclosure Timeline:
Publish Date:05/30/2019

Categories: News