PT-2022-5801 · Fortinet · FortiClient

Published: 2022-02-25 · Updated: 2023-10-20 · CVE-2022-26113

CVSS v3.1: 7.7 (High)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
FortiClientWindows versions 7.0.0 through 7.0.3
FortiClientWindows versions 6.4.0 through 6.4.7
FortiClientWindows versions 6.2.0 through 6.2.9
FortiClientWindows versions 6.0.0 through 6.0.10
Description
The issue stems from insecure privilege management in FortiClient for Windows: a component executes with unnecessary privileges, which may allow a local attacker to perform an arbitrary file write on the system.
Recommendations
For FortiClientWindows versions 7.0.0 through 7.0.3, update to a version outside of this range to mitigate the risk.
For FortiClientWindows versions 6.4.0 through 6.4.7, update to a version outside of this range to mitigate the risk.
For FortiClientWindows versions 6.2.0 through 6.2.9, update to a version outside of this range to mitigate the risk.
For FortiClientWindows versions 6.0.0 through 6.0.10, update to a version outside of this range to mitigate the risk.
As a temporary workaround, consider restricting access to sensitive system files and directories to minimize the risk of exploitation.

Fix

Weakness Enumeration
Improper Privilege Management

Related Identifiers
BDU:2022-07204
CVE-2022-26113

Affected Products
FortiClient