Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiClientWindows安全漏洞
Vulnerability Description
Fortinet FortiClientWindows是美国飞塔(Fortinet)公司的一套基于Windows平台的移动终端安全解决方案。该方案与FortiGate防火墙设备连接时可提供IPsec和SSL加密、广域网优化、终端合规和双因子认证等功能。 Fortinet FortiClient for Windows 7.0.1 及以下版本和 6.4.2 及以下版本中存在安全漏洞,该漏洞可能允许本地无特权攻击者通过负责 Forticlient 更新的命名管道将其权限提升到 SYSTEM。
CVSS Information
N/A
Vulnerability Type
N/A