Privilege Escalation Vulnerability in FortiClient by Fortinet
CVE-2016-8493

8.8HIGH

Key Information:

Vendor: Fortinet
Status: Fortinet Forticlient
Vendor: CVE Published:; 26 June 2017

What is CVE-2016-8493?

A vulnerability in the FortiClient product, specifically in versions 5.4.1 and 5.4.2, allows attackers to escalate their privileges. Exploiting this issue involves manipulating the FortiClientNamedPipe, potentially granting unauthorized access to sensitive areas of the system. This flaw underscores the importance of keeping security software updated and implementing best practices for cybersecurity.

Affected Version(s)

Fortinet FortiClient FortiClient 5.4.2, 5.4.1

References

https://fortiguard.com/psirt/FG-IR-16-095

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101682

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2017
Vulnerability Reserved
Oct 7, 2016