CVE-2021-32592

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-21-088 Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:7.0.0:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.0:*:*:*:*:*:*:*

Information

Published : 2021-12-01 04:15

Updated : 2021-12-02 08:02


NVD link : CVE-2021-32592

Mitre link : CVE-2021-32592


JSON object : View

CWE
CWE-427

Uncontrolled Search Path Element

Advertisement

dedicated server usa

Products Affected

fortinet

  • forticlient
  • forticlient_enterprise_management_server