Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2023-41840, CVE-2023-33304 |
CWE-ID | CWE-426, CWE-798 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | Fortinet FortiClient for Windows (Server applications / Other server solutions) |
Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU83265
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41840
CWE-ID: CWE-426 - Untrusted Search Path
Exploit availability: No
Description: The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to the use of an untrusted search path. A local user can perform a DLL hijacking attack via a malicious OpenSSL engine library in the search path.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Fortinet FortiClient for Windows: 7.0.9 - 7.2.1
https://fortiguard.com/psirt/FG-IR-23-274
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83266
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-33304
CWE-ID: CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
Description: The vulnerability allows a local user to gain full access to the vulnerable system.
The vulnerability exists due to the presence of hard-coded credentials in application code. A local administrator can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: Fortinet FortiClient for Windows: 7.0.0 - 7.2.1
https://fortiguard.com/psirt/FG-IR-23-108
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.