Insecure Temporary File Vulnerability in FortiClient for Windows
CVE-2020-9291
6.3MEDIUM
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 1 June 2020
What is CVE-2020-9291?
An Insecure Temporary File vulnerability exists in FortiClient for Windows versions up to 6.2.1, which could allow a local user to exploit the system. By exhausting the pool of temporary file names through a symbolic link attack, the user may achieve elevated privileges, potentially compromising system integrity and security. Users of the affected versions are advised to apply patches and take preventative measures to secure their systems.
Affected Version(s)
Fortinet FortiClient for Windows FortiClient for Windows 6.2.1 and earlier and FortiClient for Windows 6.0.9 and earlier