CVE-2021-44169

A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-21-238 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*

History

14 Apr 2022, 13:41

Type Values Removed Values Added
CPE cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
References (CONFIRM) https://fortiguard.com/psirt/FG-IR-21-238 - (CONFIRM) https://fortiguard.com/psirt/FG-IR-21-238 - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 8.8
CWE CWE-665

06 Apr 2022, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-04-06 10:15

Updated : 2024-02-04 22:29


NVD link : CVE-2021-44169

Mitre link : CVE-2021-44169

CVE.ORG link : CVE-2021-44169


JSON object : View

Products Affected

fortinet

  • forticlient
CWE
CWE-665

Improper Initialization