Description
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
E
Physical
RL
X
RC
X
Affected products
- fortinet / forticlientmac7.2.0 – 7.2.3
- fortinet / forticlientmac7.0.6 – 7.0.10
References
- VENDOR_ADVISORYhttps://fortiguard.com/psirt/FG-IR-23-345