Fortinet FortiClient Elevation of Privilege Vulnerability (CNVD-2021-102008)

FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance.FortiClient is vulnerable to an elevation of privilege vulnerability that originates when an application loads a DLL library in an insecure manner. An attacker could exploit this vulnerability to put a carefully constructed OpenSSL library into the search path and execute arbitrary code on the system with elevated privileges.