Fortinet FortiClient Crafted VPN Connection Name Handling Local Format String
High Nessus Plugin ID 56049
Synopsis
The remote Windows host contains a security application that is affected by a local format string vulnerability.
Description
FortiClient, a client-based software solution intended to provide security features for enterprise computers and mobile devices, is installed on the remote Windows host.
The installed version does not properly handle format string specifiers within a VPN connection name. A local user may be able to leverage this issue to read and write arbitrary memory with SYSTEM privileges.
Solution
Upgrade to Fortinet FortiClient 3.0 MR7 Patch 6 (3.0.616) or later.