Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fortinetFortiGuard LabsFG-IR-17-070
HistoryDec 13, 2017 - 12:00 a.m.

Gain Windows privileges with FortiClient vpn before logon and untrusted certificate

2017-12-1300:00:00
FortiGuard Labs
www.fortiguard.com
12

EPSS

0.009

Percentile

82.6%

JSON

When the “VPN before logon” feature of FortiClient Windows is enabled (disabled by default), and when the server certificate is not valid, it is possible for an attacker without a user account on the targeted Windows workstation to obtain SYSTEM level privileges, via exploiting the Windows “security alert” dialog thereby popping up.
This may be achieved locally or remotely (for instance through RDP, if the logon screen is exposed).

Related

prion 1
cve 1
cvelist 1
nvd 1
prion
prion
Privilege escalation
2017-12-14 18:29:00
cve
cve
CVE-2017-7344
2017-12-14 18:29:00
cvelist
cvelist
CVE-2017-7344
2017-12-14 18:00:00
nvd
nvd
CVE-2017-7344
2017-12-14 18:29:00

EPSS

0.009

Percentile

82.6%

JSON
Related for FG-IR-17-070
prion1cve1cvelist1nvd1