PSIRT Advisories
FortiClient (Mac) - update functionality may lead to privilege escalation vulnerability
Summary
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.
Affected Products
FortiClientMac version 7.0.0 through 7.0.7
FortiClientMac version 6.4 all versions
FortiClientMac version 6.2 all versions
FortiClientMac version 6.0 all versions
Solutions
Please upgrade to FortiClientMac version 7.0.8 or above.
Please upgrade to FortiClientMac version 7.2.0 or above.