Unquoted Service Path exploit in FortiClient
An unquoted service path vulnerability in the FortiClient FortiTray component may allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.
FortiClient for Windows Versions 6.2.2 and below.
FortiClient for Windows Versions 6.0.9 and below.
Please upgrade to FortiClient for Windows version 6.2.3 or above.
Please upgrade to FortiClient for Windows version 6.0.10 or above.
Fortinet is pleased to thank Michael Wollner from Deutsche Telekom AG for reporting this vulnerability under responsible disclosure.