What is CVE-2015-5736?

CVE-2015-5736 is a vulnerability in Fortinet Forticlient, classified under CWE-264. Published 2015-09-03.

Is CVE-2015-5736 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Fortinet Forticlient

CVE-2015-5736

The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.

EPSS: 0.025 (85.8th percentile) — read the EPSS interpretation.

Affected products

Fortinet Forticlient
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_MISC)
41722 (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_MISC)
45149 (exploit, x_refsource_EXPLOIT-DB)
1033439 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
41721 (exploit, x_refsource_EXPLOIT-DB)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_CONFIRM)
20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2015-5736?: CVE-2015-5736 is a vulnerability in Fortinet Forticlient, classified under CWE-264. Published 2015-09-03.
Is CVE-2015-5736 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.