PSIRT Advisory

FortiClient local privilege escalation exploit chain

Summary

A researcher has disclosed several vulnerabilities in FortiClient for Windows. In combination, these vulnerabilities form an exploit chain that allows a user to gain system privileges on Microsoft Windows.

Impact

Local privilege escalation

Affected Products

All versions of FortiClient for Windows that have the Vulnerability Scan feature enabled.

Solutions

It is advised that all customers update their Vulnerability Scan engine to v2.00027 or later to protect against this vulnerability. In FortiClient, go to About -> Engines -> Vulnerability and ensure the version is 2.00027 or greater. The engine update is pushed automatically to all FortiClient installations.


FortiClient Windows 6.0.5 is planned to have a more comprehensive fix which the release is scheduled in Jan, 2019

Acknowledgement

Fortinet thanks Kevin Joensen from Secu A/S for reporting this vulnerability.