VDB
CVE-2020-15934
CVE-2020-15934
PUBLISHED
CVSS 8.600000381469727 HIGH
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine.
EPSS 0.09% · 25.3th percentile
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X
EPSS Score
0.09%
25.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiClient | |
| fortinet | forticlient | 6.4.0, 6.0.0 |
| Fortinet | FortiClientLinux | 6.0.8, 6.2.6, 6.0.0 |
| Fortinet | FortiOS |
Exploit Intelligence
- CIRCL seen: CVE-2020-15934 (circl-sighting)
- CIRCL seen: CVE-2020-15934 (circl-sighting)
- https://www.fortiguard.com/psirt/FG-IR-20-110 (circl)
Timeline
- Dec 19, 2024 CVE Published
- Dec 19, 2024 PoC Published
- Dec 19, 2024 PoC Published
- Dec 20, 2024 EPSS Score
- Dec 20, 2024 CVE Updated
- Jan 5, 2025 EPSS Score
- Jan 22, 2025 EPSS Score
- Feb 7, 2025 EPSS Score
- Feb 24, 2025 EPSS Score
- Mar 12, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Apr 14, 2025 EPSS Score