PSIRT Advisories

FortiClient NDIS Miniport Driver Null Pointer Dereference


There is a Null pointer dereference in the NDIS Miniport drivers in FortiClient on Windows, which may be leveraged by an unprivileged user to cause a Denial of Service (BSOD).

Affected Products

FortiClientWindows 6.0.2 and below.


Upgrade to FortiClientWindows 6.0.3 or above.


Fortinet thanks Enrique Nissim, Senior Security Consultant at IOActive for reporting this vulnerability.