Memory Write Vulnerability in Fortinet FortiClient Drivers
CVE-2015-5735

Currently unrated

Key Information:

Vendor

Fortinet
Status
Forticlient
Vendor
CVE Published:
3 September 2015

What is CVE-2015-5735?

The Fortinet FortiClient software has a vulnerability within its drivers, specifically mdare64_48.sys, mdare32_48.sys, mdare32_52.sys, and mdare64_52.sys, that allows local users to gain unauthorized access to system memory. By executing a specific ioctl call (0x226108), an attacker can write data to arbitrary memory locations, potentially leading to further system compromise or escalation of privileges. It is crucial for users and administrators of FortiClient to ensure they are running versions 5.2.4 or later to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.coresecurity.com/advisories/forticlient-antivi...
x_refsource_MISC
http://packetstormsecurity.com/files/133398/FortiClient-A...
x_refsource_MISC
http://www.securitytracker.com/id/1033439
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.