CVE-2023-22635

A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.

Published: Apr 11, 2023
Updated: Apr 19, 2023
CVE: CVE-2023-22635
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-494

Affected Software
References

Software	From	Fixed in
fortinet / forticlient	6.0.0	6.4.10.x
fortinet / forticlient	4.0.0	5.6.6.x
fortinet / forticlient	7.0.0	7.0.8

https://fortiguard.com/psirt/FG-IR-22-481

Vulnerability Database

289,599

CVE-2023-22635