Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiClient 权限许可和访问控制漏洞
Vulnerability Description
Fortinet FortiClient是美国飞塔(Fortinet)公司的一套移动终端安全解决方案。该方案与FortiGate防火墙设备连接时可提供IPsec和SSL加密、广域网优化、终端合规和双因子认证等功能。 Fortinet FortiClient 5.2.3及之前版本的多个驱动程序(mdare64_48.sys,mdare32_48.sys,mdare32_52.sys,mdare64_52.sys,Fortishield.sys)中存在安全漏洞,该漏洞源于程序没有正确限制访问用于进程管理和Wi
CVSS Information
N/A
Vulnerability Type
N/A