Rewterz Threat Alert – Fashion Industry Professionals Targeted by Ducktail Malware’s Newest Campaign – Active IOCs
November 15, 2023Rewterz Threat Advisory – Microsoft SharePoint Server and On-Prem Data Gateway Vulnerabilities
November 15, 2023Rewterz Threat Alert – Fashion Industry Professionals Targeted by Ducktail Malware’s Newest Campaign – Active IOCs
November 15, 2023Rewterz Threat Advisory – Microsoft SharePoint Server and On-Prem Data Gateway Vulnerabilities
November 15, 2023Severity
High
Analysis Summary
CVE-2023-41840 CVSS:7.8
Fortinet FortiClientWindows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an untrusted search path vulnerability in FortiClient Windows OpenSSL component. By placing a malicious OpenSSL engine library in the search path, an attacker could exploit this vulnerability to escalate privileges.
CVE-2022-40681 CVSS:7.1
Fortinet FortiClientWindows could allow a local authenticated attacker to delete arbitrary files from the system, caused by an incorrect authorization vulnerability. An attacker could exploit this vulnerability to delete arbitrary files from the system.
Impact
- Privilege Escalation
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2023-41840
- CVE-2022-40681
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiClientWindows 7.2.0
- Fortinet FortiClientWindows 7.2.1
- Fortinet FortiClientWindows 7.0.9
- Fortinet FortiClientWindows 6.0
- Fortinet FortiClientWindows 6.2
- Fortinet FortiClientWindows 7.0.7
- Fortinet FortiClient for Windows 6.0.4
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.