CVE-2015-4077

Name of the Vulnerable Software and Affected Versions FortiClient versions prior to 5.2.4

Description The issue allows local users to read arbitrary kernel memory. This is achieved via a specific ioctl call, 0x22608C, to certain drivers, including mdare64 48.sys, mdare32 48.sys, mdare32 52.sys, and mdare64 52.sys.

Recommendations For versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected drivers to minimize the risk of exploitation.