CVE-2021-43066
Description
A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.058
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-43066 are affected in Forticlient 7.0.2 | Windows |
| Multiple Vulnerabilities are affected in Forticlient (x64) 6.0.10 | Windows |
| Vulnerabilities CVE-2021-41031,CVE-2021-43066 are affected in Forticlient (x64) 7.0.2 | Windows |
| Multiple Vulnerabilities are affected in Forticlient 6.0.10 | Windows |
| Vulnerabilities CVE-2021-41031,CVE-2021-43066 are affected in Forticlient 7.0.2 | Windows |
| Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-43066) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234