Null Pointer Dereference in Fortinet FortiClient Windows by Fortinet
CVE-2018-9190

5.5MEDIUM

Key Information:

Vendor
Fortinet
Vendor
CVE Published:
8 February 2019

Summary

A null pointer dereference vulnerability exists in Fortinet's FortiClient for Windows versions 6.0.2 and earlier. This flaw can be exploited by attackers to trigger a denial of service condition through the NDIS miniport driver, leading to potential disruptions in service and loss of availability. Users and organizations utilizing affected versions are advised to implement necessary upgrades and patches to mitigate the risk associated with this vulnerability.

Affected Version(s)

Fortinet FortiClientWindows FortiClientWindows 6.0.2 and earlier

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.