An improper authorization vulnerability [CWE-285] in FortiClient for Windows may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.
CPE | Name | Operator | Version |
---|---|---|---|
forticlientwindows | eq | 7.0.1 | |
forticlientwindows | eq | 7.0.0 | |
forticlientwindows | eq | 6.4.2 | |
forticlientwindows | eq | 6.4.1 | |
forticlientwindows | eq | 6.4.0 |