==================================================================
CERT-Renater Information Note No. 2022/VULN143
______________________________________________________________________
DATE                 : 06/04/2022
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Windows, Linux running FortiClient versions prior to 7.0.3, 6.4.8.
==================================================================

https://fortiguard.fortinet.com/psirt/FG-IR-21-238
https://fortiguard.fortinet.com/psirt/FG-IR-21-226
https://fortiguard.fortinet.com/psirt/FG-IR-21-232

_______________________________________________________________________
IR Number         : FG-IR-21-238
Date              : Apr 5, 2022
Risk              : CVSSv3 Score 8
Impact            : Escalation of privilege
CVE ID            : CVE-2021-44169
Affected Products : FortiClientWindows: 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.10, 6.0.1, 6.0.0

FortiClient (Windows) - privilege escalation in online installer due to incorrect working directory

Summary
An improper initialization [CWE-665] vulnerability in FortiClient (Windows) may allow a local attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.

Affected Products
FortiClient (Windows) version 6.0.10 and below
FortiClient (Windows) version 6.2.9 and below
FortiClient (Windows) version 6.4.7 and below
FortiClient (Windows) version 7.0.2 and below

Solutions
Upgrade to FortiClient (Windows) 7.0.3 or above
Upgrade to FortiClient (Windows) 6.4.8 or above

Acknowledgement
Fortinet is pleased to thank JaeHeng Yoon of JENBlack Soft for reporting this vulnerability under responsible disclosure.

_______________________________________________________________________
IR Number         : FG-IR-21-226
Date              : Apr 5, 2022
Risk              : CVSSv3 Score 4.2
Impact            : Improper access control
CVE ID            : CVE-2021-43205
Affected Products : FortiClientLinux: 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0

FortiClient (Linux) - external access to confighandler webserver

Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux may allow an unauthenticated attacker to access the confighandler webserver via external binaries.

Affected Products
FortiClient for Linux version 7.0.2 and below
FortiClient for Linux version 6.4.7 and below
FortiClient for Linux version 6.2.9 to 6.2.0

Solutions
Please upgrade to FortiClient for Linux version 7.0.3 or above.
Please upgrade to FortiClient for Linux version 6.4.8 or above.

_______________________________________________________________________
IR Number         : FG-IR-21-232
Date              : Apr 5, 2022
Risk              : CVSSv3 Score 6.1
Impact            : Information disclosure
CVE ID            : CVE-2021-44167
Affected Products : FortiClientLinux: 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.8, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0

FortiClient (Linux) - Improper directories permissions

Summary
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.

Affected Products
FortiClientLinux version 6.0.0 through 6.0.8
FortiClientLinux version 6.2.0 through 6.2.9
FortiClientLinux version 6.4.0 through 6.4.7
FortiClientLinux version 7.0.0 through 7.0.2

Solutions
Please upgrade to FortiClientLinux version 7.0.3
Please upgrade to FortiClientLinux version 6.4.8

=======================================================
+ CERT-RENATER        | tel : 01-53-94-20-44           +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris         | email : cert@support.renater.fr +
=======================================================
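The three entries above give the affected ranges and fixed releases per platform. The following is an added helper, not part of this note nor a Fortinet tool, that encodes those ranges so an inventory script can flag an installed FortiClient build and name the upgrade target; the function names and the inclusive-range encoding are this example's own assumptions, and the advisory names no fixed build on the 6.0.x and 6.2.x branches, so those are steered to 6.4.8 or 7.0.3.

```python
"""Check an installed FortiClient version against FG-IR-21-238, FG-IR-21-226
and FG-IR-21-232 (constructed helper, not Fortinet tooling)."""

from typing import Dict, List, Tuple

Version = Tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Turn 'major.minor.patch' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiClient version string: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


# Inclusive affected ranges, transcribed from the advisory entries above.
ADVISORY: Dict[str, Dict[str, List[Tuple[str, str]]]] = {
    "windows": {
        "CVE-2021-44169": [("6.0.0", "6.0.10"), ("6.2.0", "6.2.9"),
                           ("6.4.0", "6.4.7"), ("7.0.0", "7.0.2")],
    },
    "linux": {
        "CVE-2021-43205": [("6.2.0", "6.2.9"), ("6.4.0", "6.4.7"),
                           ("7.0.0", "7.0.2")],
        "CVE-2021-44167": [("6.0.0", "6.0.8"), ("6.2.0", "6.2.9"),
                           ("6.4.0", "6.4.7"), ("7.0.0", "7.0.2")],
    },
}

# Fixed builds named in the advisory; 6.0.x and 6.2.x get no in-branch fix.
FIXED_BRANCHES: Dict[Tuple[int, int], str] = {(6, 4): "6.4.8", (7, 0): "7.0.3"}


def affected_cves(platform: str, version: str) -> List[str]:
    """Return the CVE ids from this note that cover the given build."""
    v = parse_version(version)
    hits = []
    for cve, ranges in ADVISORY[platform.lower()].items():
        if any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges):
            hits.append(cve)
    return hits


def recommended_action(platform: str, version: str) -> str:
    """Summarise exposure and the upgrade target the advisory gives."""
    cves = affected_cves(platform, version)
    if not cves:
        return "not affected by this advisory"
    target = FIXED_BRANCHES.get(parse_version(version)[:2])
    if target is None:  # 6.0.x / 6.2.x: no fixed build on that branch
        return f"affected ({', '.join(cves)}); upgrade to 6.4.8 or 7.0.3"
    return f"affected ({', '.join(cves)}); upgrade to {target} or above"
```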