PT-2022-6070 · Fortinet · Fortiedr Collectorwindows
Published
2022-11-01
·
Updated
2023-08-08
·
CVE-2022-39949
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
FortiEDR CollectorWindows versions 4.0.0 through 4.1
FortiEDR CollectorWindows versions 5.0.0 through 5.0.3.751
FortiEDR CollectorWindows version 5.1.0
Description
The issue is related to an improper control of a resource through its lifetime, which may allow a privileged user to terminate the FortiEDR processes and bypass the EDR protection. This could potentially lead to a denial of service.
Recommendations
For versions 4.0.0 through 4.1, update to a version outside of this range to mitigate the risk.
For versions 5.0.0 through 5.0.3.751, update to a version outside of this range to mitigate the risk.
For version 5.1.0, update to a version later than 5.1.0 to mitigate the risk.
Fix
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortiedr Collectorwindows