CVE-2020-15934

An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine.

Published: Dec 19, 2024
Updated: May 4, 2025
CVE: CVE-2020-15934
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
fortinet / forticlient	6.0.0	6.2.8
fortinet / forticlient	6.4.0	6.4.0.x

https://www.fortiguard.com/psirt/FG-IR-20-110

Vulnerability Database

289,599

CVE-2020-15934