Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-22635

A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.

Published

2023-04-11T17:15:08.043

Last Modified

2024-11-21T07:45:05.787

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Secondary
CWE-494
Type: Primary
CWE-494

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fortinet	forticlient	≤ 5.6.6	Yes
Application	fortinet	forticlient	≤ 6.4.10	Yes
Application	fortinet	forticlient	< 7.0.8	Yes

References

https://fortiguard.com/psirt/FG-IR-22-481 Vendor Advisory ([email protected])
https://fortiguard.com/psirt/FG-IR-22-481 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)