FortiSIEM - privilege escalation by script executionution in Windows Agent

2021-11-0200:00:00

FortiGuard Labs

www.fortiguard.com

0.0004 Low

EPSS

Percentile

12.6%

JSON

An improper privilege management vulnerability [CWE-269] in the FortiSIEM Windows Agent may allow an authenticated user to executeÂ unauthorized code or commandsÂ as a privileged userÂ via script execution.

CPENameOperatorVersion
fortisiemwindowsagenteq4.1.4
fortisiemwindowsagenteq4.1.3
fortisiemwindowsagenteq4.1.2
fortisiemwindowsagenteq4.1.1
fortisiemwindowsagenteq4.1.0
fortisiemwindowsagenteq4.0.1
fortisiemwindowsagenteq4.0.0
fortisiemwindowsagenteq3.3.1
fortisiemwindowsagenteq3.3.0
fortisiemwindowsagenteq3.2.3

Name	Operator	Version
fortisiemwindowsagent	eq	4.1.4
fortisiemwindowsagent	eq	4.1.3
fortisiemwindowsagent	eq	4.1.2
fortisiemwindowsagent	eq	4.1.1
fortisiemwindowsagent	eq	4.1.0
fortisiemwindowsagent	eq	4.0.1
fortisiemwindowsagent	eq	4.0.0
fortisiemwindowsagent	eq	3.3.1
fortisiemwindowsagent	eq	3.3.0
fortisiemwindowsagent	eq	3.2.3

Rows per page:

1-10 of 161

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for FG-IR-21-176