Null Pointer Dereference in Fortinet FortiClient Windows by Fortinet
CVE-2018-9190
5.5MEDIUM
Summary
A null pointer dereference vulnerability exists in Fortinet's FortiClient for Windows versions 6.0.2 and earlier. This flaw can be exploited by attackers to trigger a denial of service condition through the NDIS miniport driver, leading to potential disruptions in service and loss of availability. Users and organizations utilizing affected versions are advised to implement necessary upgrades and patches to mitigate the risk associated with this vulnerability.
Affected Version(s)
Fortinet FortiClientWindows FortiClientWindows 6.0.2 and earlier
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved