VDB

GSD-2023-22635

GSD-2023-22635 PUBLISHED CVSS 6.900000095367432 MEDIUM

A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.

Risk Scores

CVSS v3.1
6.900000095367432
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:X/RC:X

Affected Products

VendorProductVersions
FortinetFortiClientMac7.0.0, 6.4.0, 6.2.0

Timeline

  • Dec 27, 2024 PoC Published
  • Feb 13, 2025 PoC Published
  • Mar 28, 2025 PoC Published
  • May 12, 2025 PoC Published
  • Apr 22, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›