[FortiNAC] Privilege Escalation observed in FortiNAC

Summary

A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root by abusing the sudo privileges.

Affected Products

FortiNAC version 8.8.1 and below.

Solutions

Please upgrade to FortiNAC version 8.8.2 or above. Please upgrade to FortiNAC version 9.1.0 or above.

Acknowledgement

Fortinet is pleased to thank Jeremy Parente from Fortinet for reporting this vulnerability.

Timeline

2021-05-05: Initial publication