A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-154 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-668 |
19 May 2022, 14:21
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CPE | cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* | |
References | (CONFIRM) https://fortiguard.com/advisory/FG-IR-21-154 - Vendor Advisory | |
CWE | CWE-610 |
11 May 2022, 17:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-11 16:15
Updated : 2024-02-04 22:29
NVD link : CVE-2021-43066
Mitre link : CVE-2021-43066
CVE.ORG link : CVE-2021-43066
JSON object : View
Products Affected
fortinet
- forticlient
CWE
CWE-668
Exposure of Resource to Wrong Sphere