CVE-2020-15934

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 19, 2024

CWE ID 269

Summary

CVE-2020-15934 is an execution with unnecessary privileges vulnerability affecting FortiClient for Linux versions 6.2.7 and below, as well as version 6.4.0. This vulnerability resides in the VCM engine and enables local users to escalate their privileges to root level. By creating a malicious script or program, attackers can exploit this flaw and gain elevated access to the system, potentially leading to significant security risks. This issue calls for immediate attention from FortiClient Linux users to update their software to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fortinet FortiClient

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/eqAY-j
https://www.cve.org/CVERecord?id=CVE-2020-15934
https://nvd.nist.gov/vuln/detail/CVE-2020-15934

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners