An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-088 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-12-01 04:15
Updated : 2021-12-02 08:02
NVD link : CVE-2021-32592
Mitre link : CVE-2021-32592
JSON object : View
CWE
CWE-427
Uncontrolled Search Path Element
Products Affected
fortinet
- forticlient
- forticlient_enterprise_management_server