CVE-2020-9287

Name of the Vulnerable Software and Affected Versions FortiClient EMS online installer versions 6.2.1 and below

Description The issue is related to an Unsafe Search Path vulnerability in the FortiClient EMS online installer. This vulnerability can be exploited by a local attacker who has control over the directory where the FortiClientEMSOnlineInstaller.exe file resides, allowing them to execute arbitrary code on the system. The exploitation is possible through the upload of malicious Filter Library DLL files in that directory.

Recommendations For versions 6.2.1 and below, consider restricting access to the directory where FortiClientEMSOnlineInstaller.exe resides to prevent malicious DLL files from being uploaded. As a temporary workaround, avoid using the FortiClientEMSOnlineInstaller.exe file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.