PSIRT Advisory

FortiAuthenticator Privilege Escalation Vulnerability

Description

Authenticated admin users may be able to obtain access to a system shell from the command line interface.

Impact

Privilege Escalation

Affected Products

FortiAuthenticator 1.x and 2.x

Solutions

Upgrade to FortiAuthenticator 3.0 or higher.

Acknowledgement

Yvan Janssens