Sign-up

ID

VAR-202003-1481


CVE

CVE-2020-9290


TITLE

Windows for FortiClient Vulnerability in uncontrolled search path elements in

Trust: 0.8

sources: JVNDB: JVNDB-2020-002864

DESCRIPTION

An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory. Windows for FortiClient There is a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Fortinet FortiClient is a mobile terminal security solution developed by Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to FortiGate firewall appliances. The FortiClientOnlineInstaller.exe file in Fortinet FortiClient (Windows) 6.2.3 and earlier versions has a code issue vulnerability. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products

Trust: 1.71

sources: NVD: CVE-2020-9290 // JVNDB: JVNDB-2020-002864 // VULHUB: VHN-187415

AFFECTED PRODUCTS

vendor:fortinetmodel:forticlient virtual private networkscope:lteversion:6.2.3

Trust: 1.0

vendor:fortinetmodel:forticlientscope:lteversion:6.2.3

Trust: 1.0

vendor:fortinetmodel:forticlientscope:eqversion:6.2.3

Trust: 0.8

vendor:fortinetmodel:forticlient sslvpn clientscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-002864 // NVD: CVE-2020-9290

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9290
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002864
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-647
value: MEDIUM

Trust: 0.6

VULHUB: VHN-187415
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-9290
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002864
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-187415
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-9290
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-002864
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-187415 // JVNDB: JVNDB-2020-002864 // CNNVD: CNNVD-202003-647 // NVD: CVE-2020-9290

PROBLEMTYPE DATA

problemtype:CWE-427

Trust: 1.9

sources: VULHUB: VHN-187415 // JVNDB: JVNDB-2020-002864 // NVD: CVE-2020-9290

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-647

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202003-647

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002864

PATCH
title:FG-IR-19-060url:https://fortiguard.com/psirt/FG-IR-19-060
Trust: 0.8
title:Fortinet FortiClient Fixes for code issue vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112502
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-002864 // 
            
            
            
            CNNVD: CNNVD-202003-647

EXTERNAL IDS
db:NVDid:CVE-2020-9290
Trust: 2.5
db:JVNDBid:JVNDB-2020-002864
Trust: 0.8
db:CNNVDid:CNNVD-202003-647
Trust: 0.7
db:AUSCERTid:ESB-2019.1785.2
Trust: 0.6
db:CNVDid:CNVD-2020-21078
Trust: 0.1
db:VULHUBid:VHN-187415
Trust: 0.1
sources:
            
            
            VULHUB: VHN-187415 // 
            
            
            
            JVNDB: JVNDB-2020-002864 // 
            
            
            
            CNNVD: CNNVD-202003-647 // 
            
            
            
            NVD: CVE-2020-9290

REFERENCES
url:https://fortiguard.com/psirt/fg-ir-19-060
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-9290
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9290
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2019.1785.2/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-187415 // 
            
            
            
            JVNDB: JVNDB-2020-002864 // 
            
            
            
            CNNVD: CNNVD-202003-647 // 
            
            
            
            NVD: CVE-2020-9290

CREDITS
Independent security researcher Honc (honcbb@gmail.com) , Houjingyi (houjingyi647@gmail.com) , security researcher Eran Shimony from CyberArk Labs
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202003-647

SOURCES
db:VULHUBid:VHN-187415
db:JVNDBid:JVNDB-2020-002864
db:CNNVDid:CNNVD-202003-647
db:NVDid:CVE-2020-9290

LAST UPDATE DATE
2024-11-23T22:21:42.129000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-187415date:2020-03-17T00:00:00
db:JVNDBid:JVNDB-2020-002864date:2020-03-27T00:00:00
db:CNNVDid:CNNVD-202003-647date:2020-03-27T00:00:00
db:NVDid:CVE-2020-9290date:2024-11-21T05:40:22.010

SOURCES RELEASE DATE
db:VULHUBid:VHN-187415date:2020-03-15T00:00:00
db:JVNDBid:JVNDB-2020-002864date:2020-03-27T00:00:00
db:CNNVDid:CNNVD-202003-647date:2020-03-12T00:00:00
db:NVDid:CVE-2020-9290date:2020-03-15T22:15:15.097