CVE-2021-43066

🗓️ 11 May 2022 15:40:10Reported by fortinetType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 69 Views

Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows external control of file name or path, leading to privilege escalation

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the FortiClient.msi installer of the Fortinet FortiClient for Windows security solution allows a malicious individual to escalate their privileges.	12 Dec 202200:00	–	bdu_fstec
Circl	CVE-2021-43066	11 May 202220:34	–	circl
CNNVD	Fortinet FortiClient 安全漏洞	3 May 202200:00	–	cnnvd
Cvelist	CVE-2021-43066	11 May 202215:40	–	cvelist
EUVD	EUVD-2021-30019	3 Oct 202520:07	–	euvd
Fortinet	FortiClient - Privilege escalation in FortiClient installer	3 May 202200:00	–	fortinet
NCSC	Vulnerability fixed in FortiClient	4 May 202200:00	–	ncsc
NVD	CVE-2021-43066	11 May 202216:15	–	nvd
Prion	Xxe	11 May 202216:15	–	prion
Vulnrichment	CVE-2021-43066	11 May 202215:40	–	vulnrichment

NVD

Node

fortinet forticlientRange6.0.0–6.4.7windows

fortinet forticlientRange7.0.0–7.0.3windows

[
  {
    "product": "Fortinet FortiClientWindows",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiClientWindows 7.0.2 7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
      }
    ]
  }
]