Back to search
CVE-2019-17652
Published: Feb 6, 2020
Modified: Oct 25, 2024
PUBLISHED
Description
A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type IPC client requests to the fctsched process due the argv data not been well sanitized.
| Vendor | Product | Versions |
|---|---|---|
Fortinet | Fortinet FortiClientLinux | affected FortiClientLinux 6.2.1 and below |
References
https://fortiguard.com/psirt/FG-IR-19-238
x_refsource_CONFIRM
https://danishcyberdefence.dk/blog/forticlient_linux
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now