| IR Number | FG-IR-21-079 |
| Date | Nov 2, 2021 |
| Severity |
Low |
| CVSSv3 Score | 3.2 |
| Impact | Execute unauthorized code or commands |
| CVE ID | CVE-2021-42754 |
| Affected Products |
FortiClientMac
:
7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0
|
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiClient (MacOS) - Dylib injection Vulnerability observed in FortiClientMacOS
Summary
An improper control of generation of code vulnerability [CWE-94] in FortiClient for MacOS may allow an authenticated attacker to hijack the MacOS camera via replacing the FortiClient camera handling library with a malicious one.
Affected Products
FortiClientMac version 7.0.0 and below.
FortiClientMac version 6.4.5 and below.
Solutions
Please upgrade to FortiClientMac version 7.0.1 or above.
Please upgrade to FortiClientMac version 6.4.6 or above.