First published: Wed Nov 02 2022(Updated: )
An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet Fortiedr | >=4.0.0<=4.1.0 | |
Fortinet Fortiedr | >=5.0.0<=5.0.3.751 | |
Fortinet Fortiedr | >=5.1.0<=5.2.0.2288 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-39949.
The severity of CVE-2022-39949 is medium.
FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, and 5.1.0 are affected by CVE-2022-39949.
A privileged user may be able to terminate the FortiEDR processes with special tools to bypass the EDR protection.
No, Microsoft Windows is not affected by CVE-2022-39949.