FortiEDR CollectorWindows - protection bypass by killing the process with special tools

2022-11-0100:00:00

FortiGuard Labs

www.fortiguard.com

improper control vulnerability

fortiedr collectorwindows

edr protection

special tools

0.0004 Low

EPSS

Percentile

12.6%

JSON

An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection.

CPENameOperatorVersion
fortiedreq5.2.0
fortiedreq5.1.0
fortiedreq5.0.1
fortiedreq5.0.0
fortiedreq4.0.0

Name	Operator	Version
fortiedr	eq	5.2.0
fortiedr	eq	5.1.0
fortiedr	eq	5.0.1
fortiedr	eq	5.0.0
fortiedr	eq	4.0.0

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for FG-IR-22-218