Information Disclosure in FortiClient for Windows, Linux, and Mac by Fortinet
CVE-2023-37939
3LOW
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 10 October 2023
What is CVE-2023-37939?
A vulnerability in FortiClient could allow a local authenticated attacker without administrative privileges to potentially access sensitive information. This includes the ability to view a list of files or folders that have been excluded from malware scanning, thereby exposing sensitive data inadvertently. The issue affects multiple versions of FortiClient across different operating systems including Windows, Linux, and Mac.
Affected Version(s)
FortiClientLinux 7.2.0
FortiClientLinux 7.0.6 <= 7.0.9
FortiClientLinux 7.0.0 <= 7.0.4