Ruben

**Name of the Vulnerable Software and Affected Versions** Fortinet FortiClient Host Security versions 3.0 MR5 Patch 3 and earlier **Description** The issue is related to the fortimon.sys device driver, which does not properly initialize its DeviceExtension. This allows local users to access kernel memory and execute arbitrary code via a crafted request. **Recommendations** For Fortinet FortiClient Host Security versions 3.0 MR5 Patch 3 and earlier, update to a version later than 3.0 MR5 Patch 3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SpeedFan version 4.33 **Description** The issue is related to a buffer checking problem in the Speedfan.sys driver. This can lead to a denial of service, causing the machine to crash, and potentially allow local users to gain privileges through unspecified vectors. **Recommendations** For SpeedFan version 4.33, consider disabling the Speedfan.sys driver as a temporary workaround to minimize the risk of exploitation. Restrict access to the IOCTL 0x9c402420 call to prevent potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.