CVE-2018-13368Improper Privilege Management in Fortinet Forticlient

4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.2%
top 59.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet ForticlientFortinet Forticlient FOR Windows
Timeline
PublishedMay 30
Latest updateMay 24

Description

A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5fortinet/fortinet_forticlient_for_windows6.0.4 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-5g4v-mg85-vr58: A local privilege escalation in Fortinet FortiClient for Windows 62022-05-24
CVEList
CVE-2018-13368: A local privilege escalation in Fortinet FortiClient for Windows 62019-05-30

📋Vendor Advisories

1
Fortinet
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthoriz...2019-05-30
CVE-2018-13368 — Improper Privilege Management | cvebase