PT-2021-5429 · Fortinet · Fortisiem Windows Agent
Published: 2021-11-02 · Updated: 2021-11-04 · CVE-2021-41022
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fortinet FortiSIEM Windows Agent versions 4.1.4 and below
Description
The issue is an improper privilege management flaw in the Fortinet FortiSIEM Windows Agent that can be exploited to execute privileged code or commands via PowerShell scripts. This can allow an attacker to perform unauthorized actions.
Recommendations
For Fortinet FortiSIEM Windows Agent versions 4.1.4 and below, update to a version above 4.1.4 to resolve the issue.
As a temporary workaround, consider restricting access to PowerShell scripts until a patch is available.
Fix
Improper Privilege Management
Weakness Enumeration
Related Identifiers
Affected Products
Fortisiem Windows Agent