Summary
FortiClient drivers expose IOCTL that may allow an unprivileged user to get system-level privileges.
Affected Products
FortiClient v5.2.3 and earlier.
Solutions
Upgrade to FortiClient v5.2.4.
Acknowledgement
Thanks to Enrique Nissim and JoaquÃn RodrÃguez Varela from Core Security for responsibly disclosing these issues to Fortinet.
PSIRT