PT-2017-17676 · Microsoft+1 · Windows+1

Published: 2017-12-14 · Updated: 2019-10-03 · CVE-2017-7344

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
- Fortinet FortiClient Windows versions 5.4.3 and earlier
- Fortinet FortiClient Windows version 5.6.0

Description
A privilege escalation issue allows an attacker to gain privileges by exploiting the Windows "security alert" dialog that pops up when the "VPN before logon" feature is enabled and an untrusted certificate chain is present.

Recommendations
For Fortinet FortiClient Windows versions 5.4.3 and earlier, consider disabling the "VPN before logon" feature until a patch is available. For Fortinet FortiClient Windows version 5.6.0, consider disabling the "VPN before logon" feature until a patch is available. As a temporary workaround, restrict access to the Windows "security alert" dialog when an untrusted certificate chain is detected to minimize the risk of exploitation.


Related Identifiers: CVE-2017-7344

Affected Products: FortiClient, Windows