PT-2023-7192 · Fortinet · Fortiedr
Published
2023-11-07
·
Updated
2023-11-21
·
CVE-2023-44248
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
FortiEDR versions prior to 5.2.0.4549
FortiEDR versions prior to 5.0.3.1007
FortiEDR version 4.0
Description
The issue is related to improper access control in FortiEDR, which may allow a local attacker to prevent the collector service from starting at the next system reboot by tampering with some registry keys of the service.
Recommendations
For FortiEDR versions prior to 5.2.0.4549, update to a version above 5.2.0.4549 to resolve the issue.
For FortiEDR versions prior to 5.0.3.1007, update to a version above 5.0.3.1007 to resolve the issue.
For FortiEDR version 4.0, update to a version above 4.0 to resolve the issue.
As a temporary workaround, consider restricting access to the registry keys of the collector service to prevent tampering.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortiedr