| IR Number | FG-IR-16-095 |
| Date | Oct 31, 2017 |
| Severity |
High |
| Impact | Privilege escalation |
| CVE ID | CVE-2016-8493 |
| Affected Products |
FortiClientWindows
:
5.4.2, 5.4.1
|
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiClient privilege escalation vulnerability
Summary
A low privileged user may be able to execute arbitrary code by exploiting a FortiClientNamedPipe vulnerability.
Description
A low privileged user may be able to execute arbitrary code by exploiting a FortiClientNamedPipe vulnerability.
Affected Products
FortiClientWindows 5.4.1, 5.4.2.
Solutions
Upgrade to FortiClient Windows: 5.4.3 or 5.6.0
Acknowledgement
Fortinet is pleased to thank Zhipeng Huo from Tencent Technology Company Limited for reporting this vulnerability under responsible disclosure.