CVE-2021-22127
Severity
8.0 HIGH
EPSS
0.2%
top 63.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Apr 6
Latest update: Apr 7
Description
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3 and FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root by tricking the user into connecting to a network with a malicious name.
CVSS vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.2 | Impact: 5.9
Affected Packages (2 packages)
CVEListV5: fortinet/fortinet_forticlientlinux, FortiClientLinux 6.4.2 and below, FortiClientLinux 6.2.8 and below
Vulnerability Details (2)
Vendor Advisories (1)
Fortinet (2022-04-06): An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x befo...