exploitDog

GHSA-2cg5-v97f-xqfq

Опубликовано: 02 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

Ссылки

EPSS

Процентиль: 16%

0.00052

Низкий

CVE ID

Дефекты

CWE-427

Связанные уязвимости

CVE-2021-32592

CVSS3: 7.8

nvd

около 4 лет назад

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

BDU:2023-00104

CVSS3: 7.8

fstec

около 4 лет назад

Уязвимость установщика средства защиты Fortinet FortiClient for Windows и сервера FortiClient Enterprise Management Server (EMS), позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 16%

0.00052

Низкий

CVE ID

Дефекты

CWE-427