Skip to content
/ CVE-2019-17658 Public

Unquoted Service Path exploit in FortiClient (CVE-2019-17658)

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Ibonok/CVE-2019-17658

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 

Repository files navigation

Unquoted Service Path exploit in FortiClient (CVE-2019-17658)

FortiClient for Windows prior to 6.2.3 is vulnerable to an unquoted service path vulnerability. That may allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Component

FortiClient FortiTray

Affected Products

FortiClient for Windows Versions 6.2.2 and below.

Patched in Version

FortiClient for Windows version 6.2.3 or above.

PoC

Private: The PoC is not published because it's obvious.

Links:

About

Unquoted Service Path exploit in FortiClient (CVE-2019-17658)

Topics

security description cve fortigate forticlient cve-2019-17658

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published