Main Vulnerability Database SB2023112007

SB2023112007 - Improper access control in Fortinet FortiEDRCollector (Windows)

Published: November 20, 2023

Security Bulletin ID SB2023112007

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper access control (CVE-ID: CVE-2023-44248)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A local administrator can prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.

Remediation

Install update from vendor's website.

References

https://fortiguard.com/psirt/FG-IR-23-306