March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – Fashion Industry Professionals Targeted by Ducktail Malware’s Newest Campaign – Active IOCs
November 15, 2023
Rewterz Threat Advisory – Microsoft SharePoint Server and On-Prem Data Gateway Vulnerabilities
November 15, 2023
Rewterz Threat Alert – Fashion Industry Professionals Targeted by Ducktail Malware’s Newest Campaign – Active IOCs
November 15, 2023
Rewterz Threat Advisory – Microsoft SharePoint Server and On-Prem Data Gateway Vulnerabilities
November 15, 2023
Severity
High
Analysis Summary
CVE-2023-41840 CVSS:7.8
Fortinet FortiClientWindows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an untrusted search path vulnerability in FortiClient Windows OpenSSL component. By placing a malicious OpenSSL engine library in the search path, an attacker could exploit this vulnerability to escalate privileges.
CVE-2022-40681 CVSS:7.1
Fortinet FortiClientWindows could allow a local authenticated attacker to delete arbitrary files from the system, caused by an incorrect authorization vulnerability. An attacker could exploit this vulnerability to delete arbitrary files from the system.
Impact
- Privilege Escalation
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2023-41840
- CVE-2022-40681
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiClientWindows 7.2.0
- Fortinet FortiClientWindows 7.2.1
- Fortinet FortiClientWindows 7.0.9
- Fortinet FortiClientWindows 6.0
- Fortinet FortiClientWindows 6.2
- Fortinet FortiClientWindows 7.0.7
- Fortinet FortiClient for Windows 6.0.4
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.