CVE-2019-6692
First published: Thu Oct 24 2019(Updated: )
A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiClient Windows | <=6.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Fortinet FortiClient vulnerability?
The vulnerability ID of this Fortinet FortiClient vulnerability is CVE-2019-6692.
What is the affected software version for this vulnerability?
The affected software version for this vulnerability is Fortinet FortiClient for Windows 6.2.0 and below.
What can a privileged attacker do with this vulnerability?
A privileged attacker can perform arbitrary code execution via forging a malicious DLL.
How can I fix this vulnerability in Fortinet FortiClient for Windows?
To fix this vulnerability, update Fortinet FortiClient for Windows to a version higher than 6.2.0.
Is there any additional reference material available for this vulnerability?
Yes, you can refer to the FortiGuard Advisory FG-IR-19-148 available at the provided link.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/fortinet
- canonical/fortinet forticlient windows
- version/fortinet forticlient windows/6.2.0