Lucene search
PRIOn knowledge basePRION:CVE-2022-33877HistoryJun 13, 2023 - 9:15 a.m.
Default configuration
2023-06-1309:15:00
PRIOn knowledge base
www.prio-n.com
16
vulnerability
forticlient
forticonverter
windows
version
permission
nvd
insecure folder
local attacker
tamper
installation folder
cwe-276
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder.
| CPE | Name | Operator | Version |
|---|---|---|---|
| forticlient | ge | 6.4.0 | |
| forticlient | le | 6.4.8 | |
| forticlient | ge | 7.0.0 | |
| forticlient | le | 7.0.6 | |
| forticonverter | eq | 7.0.0 | |
| forticonverter | eq | 6.2.0 | |
| forticonverter | eq | 6.2.1 | |
| forticonverter | ge | 6.0.0 | |
| forticonverter | le | 6.0.3 |
References
Related
cvelist
cvelist
CVE-2022-33877
2023-06-13 08:41:40
cve
cve
CVE-2022-33877
2023-06-13 09:15:14
nessus
nessus
Fortinet FortiClient (Windows) - Insecure Installation Folder (FG-IR-22-229)
2023-06-12 00:00:00
fortinet
fortinet
nvd
nvd
CVE-2022-33877
2023-06-13 09:15:14