PSIRT Advisories

FortiSIEM - privilege escalation by script executionution in Windows Agent

Summary

An improper privilege management vulnerability [CWE-269] in the FortiSIEM Windows Agent may allow an authenticated user to execute unauthorized code or commands as a privileged user via script execution.

 

Affected Products

FortiSIEM Windows Agent version 4.1.4 and below.
FortiSIEM Windows Agent version 4.0.0.
FortiSIEM Windows Agent version 3.3.0.
FortiSIEM Windows Agent version 3.2.2 and below.
FortiSIEM Windows Agent version 3.1.2 and below.

Solutions

Upgrade to FortiSIEM Windows Agent version 4.1.5 or above

.

Acknowledgement

Internally discovered and reported by Oleksii Mandrychenko and Damnjan Nikolic of Fortinet TAC team.