What is CVE-2015-4077?

CVE-2015-4077 is a vulnerability in Fortinet Forticlient, classified under Information Disclosure. Published 2015-09-03.

Is CVE-2015-4077 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Fortinet Forticlient

CVE-2015-4077

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.

Vulnerability class: Information Disclosure

EPSS: 0.002 (38.7th percentile) — read the EPSS interpretation.

Affected products

Fortinet Forticlient
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

Public proof-of-concept exploits

ApexPredator-InfoSec/forti_shield

References

cve@mitre.org (x_refsource_MISC, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
45149 (exploit, x_refsource_EXPLOIT-DB)
1033439 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_CONFIRM)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2015-4077?: CVE-2015-4077 is a vulnerability in Fortinet Forticlient, classified under Information Disclosure. Published 2015-09-03.
Is CVE-2015-4077 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.