Lucene search

MitreCVE-2015-5737

HistorySep 03, 2015 - 2:59 p.m.

CVE-2015-5737

2015-09-0314:59:07

CWE-264

mitre

web.nvd.nist.gov

fortinet forticlient

cve-2015-5737

drivers

local users

pid

ioctl call

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

Percentile

5.1%

JSON

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.

Affected configurations

Nvd

Node

fortinetforticlientRange≤5.2.3

VendorProductVersionCPE
fortinetforticlient*cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fortinet	forticlient	*	cpe:2.3:a:fortinet:forticlient::::::::

References

fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html

seclists.org/fulldisclosure/2015/Sep/0

www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities

www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

www.securityfocus.com/archive/1/536369/100/0/threaded

www.securitytracker.com/id/1033439

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-5737