CVE-2021-22127
HIGH 7.1
Description
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3 and FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root by tricking the user into connecting to a network with a malicious name.
CVE Details
CVSS v3.1 Score: 7.1
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: ADJACENT_NETWORK
Complexity: HIGH
Privileges Required: NONE
User Interaction: REQUIRED
Published: 4/6/2022
Last Modified: 11/21/2024
Source: nvd
Honeypot Sightings: 0
Affected Products
fortinet:forticlient
Weaknesses (CWE)
CWE-78
References
https://fortiguard.com/advisory/FG-IR-20-241 (psirt@fortinet.com)
https://fortiguard.com/advisory/FG-IR-20-241 (af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.