Local privilege escalation in XPC services

Summary

An Incorrect Authorization vulnerability [CWE-863] in FortiClientMac may allow a local attacker to escalate privileges by sending crafted XPC messages to the product's XPC services.

Version             Affected               Solution
FortiClientMac 7.4  7.4.0 through 7.4.2    Upgrade to 7.4.3 or above
FortiClientMac 7.2  7.2.0 through 7.2.8    Upgrade to 7.2.9 or above
FortiClientMac 7.0  7.0 all versions       Migrate to a fixed release

Acknowledgement

Fortinet is pleased to thank Yaniv Nizry from Sonar for reporting this vulnerability under responsible disclosure.

Timeline

2025-05-13: Initial publication