A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HFortinet Forticlient
APPFortinet6.4.0 β 6.4.107.0.0 β 7.0.13 (bez)7.2.0 β 7.2.5 (bez)
Related vulnerabilities
Code injection w Fortinet FortiClientLinux umoΕΌliwiajΔ cy RCE
An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and...
A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, Forti...
An Improper Link Resolution Before File Access ('Link Following') vulnerability [CWE-59] vulnerability in Fort...
A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 throug...