Lucene search

K
nvd[email protected]NVD:CVE-2015-5736
HistorySep 03, 2015 - 2:59 p.m.

CVE-2015-5736

2015-09-0314:59:06
CWE-264
web.nvd.nist.gov
3

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

High

EPSS

0.001

Percentile

26.0%

The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.

Affected configurations

Nvd
Node
fortinetforticlientRange5.2.3
VendorProductVersionCPE
fortinetforticlient*cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:*:*:*

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

High

EPSS

0.001

Percentile

26.0%