FortiClient Vulnerability

LogMeIn Join.me CVE-2019-13637 Untrusted Search Path Vulnerability

Description

In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user if the attacker can place a crafted library in a directory that is accessible to the vulnerable system.

Affected Applications

Join.me

CVE References

CVE-2019-13637

Other References

https://nvd.nist.gov/vuln/detail/CVE-2019-13637

ID	2357
Created	Sep 01, 2021
Description Updated	Oct 26, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	LogMeIn
Patch	manual
Application	Join.me

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

LogMeIn Join.me CVE-2019-13637 Untrusted Search Path Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

LogMeIn Join.me CVE-2019-13637 Untrusted Search Path Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center