Vulnerability in Fortinet Forticlient

CVE-2015-5735

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.

EPSS: 0.001 (19.5th percentile) — read the EPSS interpretation.

Affected products

Fortinet Forticlient
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
1033439 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_CONFIRM)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_FULLDISC)