CVE-2023-33304

4.4MEDIUM

Key Information:

Vendor
Fortinet
Status
Forticlientwindows
Vendor
CVE Published:
14 November 2023

Summary

A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.

Affected Version(s)

FortiClientWindows 7.2.0 <= 7.2.1

FortiClientWindows 7.0.0 <= 7.0.9

References

https://fortiguard.com/psirt/FG-IR-23-108

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.