FortiNAC - Privilege Escalation via exploiting the SUDO privileges.

Summary

A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root via the sudo command.

Affected Products

FortiNAC version 8.8.8 and below.
FortiNAC version 9.1.2 and below.

Solutions

Please upgrade to FortiNAC version 8.8.9 or above.
Please upgrade to FortiNAC version 9.1.3 or above.
Please upgrade to FortiNAC version 9.2.0 or above.

 

 

Acknowledgement

Fortinet is pleased to thank Cliff Albert from Unilogic B.V. for reporting this vulnerability under responsible disclosure.