PT-2024-2719 · Fortinet · Forticlientlinux

Published: 2024-04-09 · Updated: 2025-01-17 · CVE-2023-45590

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

FortiClientLinux versions 7.0.3 through 7.0.4
FortiClientLinux versions 7.0.6 through 7.0.10
FortiClientLinux version 7.2.0

Description

An improper control of generation of code ('code injection') vulnerability in FortiClientLinux allows an attacker to execute unauthorized code or commands by tricking a FortiClientLinux user into visiting a malicious website. Exploitation of this issue may allow a remote attacker to execute arbitrary code if the user visits a specially crafted malicious website.

Recommendations

For FortiClientLinux versions 7.0.3 through 7.0.4, upgrade to version 7.0.11 or higher to mitigate the risk.
For FortiClientLinux versions 7.0.6 through 7.0.10, upgrade to version 7.0.11 or higher to mitigate the risk.
For FortiClientLinux version 7.2.0, upgrade to version 7.2.1 or higher to mitigate the risk.
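
The affected ranges and fix targets above can be checked against a host inventory as follows. This is an added example, not part of the original advisory or vendor tooling; the "host,version" input format, the hostnames and the build suffix are constructed, and "not-listed" means only that a version is outside the ranges given on this page.

```python
# Added example: triage FortiClientLinux versions against PT-2024-2719 / CVE-2023-45590.
import re

# Affected ranges (inclusive) and minimum fixed version, exactly as listed in the advisory.
AFFECTED = [
    ((7, 0, 3), (7, 0, 4), (7, 0, 11)),
    ((7, 0, 6), (7, 0, 10), (7, 0, 11)),
    ((7, 2, 0), (7, 2, 0), (7, 2, 1)),
]

def parse_version(text):
    """Parse 'X.Y.Z' (an optional trailing build suffix is ignored) into an int 3-tuple."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)(?:[.\-+].*)?\s*$", text)
    if not m:
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(g) for g in m.groups())

def triage(version_text):
    """Return (status, minimum_fixed_version or None) for one installed version."""
    v = parse_version(version_text)
    # Integer tuples compare numerically, so 7.0.10 sorts above 7.0.4 (a string
    # comparison would get this wrong and miss the second range).
    for low, high, fixed in AFFECTED:
        if low <= v <= high:
            return "affected", ".".join(map(str, fixed))
    return "not-listed", None

def triage_inventory(lines):
    """Triage 'host,version' lines; unparseable versions are flagged for manual review."""
    report = {}
    for line in lines:
        host, _, version = line.strip().partition(",")
        try:
            report[host] = triage(version)
        except ValueError:
            report[host] = ("review", None)
    return report

# Constructed inventory (hostnames and the build suffix are made up for illustration).
SAMPLE = [
    "lnx-01,7.0.4", "lnx-02,7.0.5", "lnx-03,7.0.10",
    "lnx-04,7.0.11", "lnx-05,7.2.0.0644", "lnx-06,unknown",
]

if __name__ == "__main__":
    for host, (status, fixed) in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}" + (f" -> upgrade to {fixed} or higher" if fixed else ""))
```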

Fix

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2024-02837
CVE-2023-45590

Affected Products

Forticlientlinux