The vulnerability of Fortinet’s antivirus software for FortiOS operating systems and Fortinet FortiClient for Mac security solutions stems from a flaw in the data protection mechanism. This flaw allows attackers to circumvent security restrictions.

🗓️ 28 Oct 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

Fortinet antivirus for FortiOS and FortiClient for Mac has a data protection flaw that allows remote bypass via RAR archives.

Reporter	Title	Published	Views	Family All 12
CNNVD	Fortinet FortiOS and Fortinet FortiClient Security Feature Issue Vulnerability	1 Dec 202000:00	–	cnnvd
CVE	CVE-2020-9295	17 Mar 202513:40	–	cve
Cvelist	CVE-2020-9295	17 Mar 202513:40	–	cvelist
EUVD	EUVD-2020-30121	7 Oct 202500:30	–	euvd
Fortinet	AV Engine evasion via malformed RAR file	1 Dec 202000:00	–	fortinet
Tenable Nessus	Fortinet Fortigate Security Best Practice: Antivirus evasion via malformed RAR file (FG-IR-20-037)	27 Oct 202400:00	–	nessus
NCSC	Issues fixed in FortiOS	2 Dec 202000:00	–	ncsc
NVD	CVE-2020-9295	17 Mar 202514:15	–	nvd
OSV	CVE-2020-9295	17 Mar 202514:15	–	osv
Positive Technologies	PT-2020-6791 · Fortinet · Fortios +1	1 Dec 202000:00	–	ptsecurity

Vulners

Node

fortinet fortinet_antivirus_(av)_engineRange≤6.00144

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-20-037
docs	www.docs.fortinet.com/document/forticlient/6.4.1/macos-release-notes/510031/resolved-issues
web	www.web.nvd.nist.gov/view/vuln/detail
fortiguard	www.fortiguard.com/psirt/FG-IR-20-037

28 Oct 2022 00:00Current

5.4Medium risk

Vulners AI Score5.4

CVSS 27.5

CVSS 38.3

EPSS0.00303

fortinet antivirus forti os mac client remote bypass rar archives