Stack Buffer Overflow in FortiClient for Linux by Fortinet
CVE-2019-17652
6.5MEDIUM
Summary
A stack buffer overflow vulnerability exists in FortiClient for Linux versions 6.2.1 and earlier, allowing a low-privilege user to send specially crafted IPC requests to the fctsched process. This improper sanitization of the argv data can lead to crashes in FortiClient processes running with root privileges, potentially disrupting the security features of the software.
Affected Version(s)
Fortinet FortiClientLinux FortiClientLinux 6.2.1 and below
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved