FortiClient for Windows prior to 6.2.3 is vulnerable to an unquoted service path vulnerability. That may allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

FortiClient FortiTray

FortiClient for Windows Versions 6.2.2 and below.

FortiClient for Windows version 6.2.3 or above.

Private: The PoC is not published because it's obvious.

• https://nvd.nist.gov/vuln/detail/CVE-2019-17658
• https://fortiguard.com/psirt/FG-IR-19-281