Relative Path Traversal Vulnerability in FortiClient for Windows
CVE-2021-41031
7.8HIGH
What is CVE-2021-41031?
A vulnerability exists in FortiClient for Windows that may allow an unprivileged local attacker to escalate privileges to SYSTEM-level access. This issue arises due to a relative path traversal vulnerability associated with the FortiESNAC service's named pipe. Exploitation of this vulnerability can give attackers increased permissions, posing significant risks to system integrity.
Affected Version(s)
Fortinet FortiClientWindows FortiClientWindows 7.0.2, 7.0.1, 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0