FortiClientWindows & FortiClient EMS - Privilege escalation via DLL Hijacking

2021-11-2900:00:00

FortiGuard Labs

www.fortiguard.com

0.001 Low

EPSS

Percentile

26.6%

JSON

An unsafe search path vulnerability in FortiClient and FortiClient EMS may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

CPENameOperatorVersion
forticlientemseq7.0.0
forticlientemseq6.4.4
forticlientemseq6.4.3
forticlientemseq6.4.2
forticlientemseq6.4.1
forticlientemseq6.4.0
forticlientemseq6.2.9
forticlientemseq6.2.8
forticlientemseq6.2.7
forticlientemseq6.2.6

Name	Operator	Version
forticlientems	eq	7.0.0
forticlientems	eq	6.4.4
forticlientems	eq	6.4.3
forticlientems	eq	6.4.2
forticlientems	eq	6.4.1
forticlientems	eq	6.4.0
forticlientems	eq	6.2.9
forticlientems	eq	6.2.8
forticlientems	eq	6.2.7
forticlientems	eq	6.2.6

Rows per page:

1-10 of 521

0.001 Low

EPSS

Percentile

26.6%

JSON

Related for FG-IR-21-088