Lucene search

[email protected]NVD:CVE-2015-5737

HistorySep 03, 2015 - 2:59 p.m.

CVE-2015-5737

2015-09-0314:59:07

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.

Affected configurations

Nvd

Node

fortinetforticlientRange≤5.2.3

VendorProductVersionCPE
fortinetforticlient*cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fortinet	forticlient	*	cpe:2.3:a:fortinet:forticlient::::::::

References

fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html

seclists.org/fulldisclosure/2015/Sep/0

www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities

www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

www.securityfocus.com/archive/1/536369/100/0/threaded

www.securitytracker.com/id/1033439

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2015-5737

prion1 cvelist1 cve1 securityvulns2