An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder.
References
History

Wed, 23 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-06-13T08:41:40.721Z

Updated: 2024-10-23T14:27:28.404Z

Reserved: 2022-06-16T11:14:43.765Z

Link: CVE-2022-33877

cve-icon Vulnrichment

Updated: 2024-08-03T08:09:22.643Z

cve-icon NVD

Status : Modified

Published: 2023-06-13T09:15:14.420

Modified: 2023-11-07T03:48:23.293

Link: CVE-2022-33877

cve-icon Redhat

No data.