CVE-2015-5737

CVE Database · CVE-2015-5737

CVE-2015-5737

· N/AModified

CVSS v3.1

N/A

EPSS

0.52%

Published

Sep 3, 2015

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.

Weaknesses (CWE)

CWE-264

Affected Products (1)

fortinet · forticlientvulnerable

References (14)

http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html

http://seclists.org/fulldisclosure/2015/Sep/0

http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities

http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

Vendor Advisory

http://www.securityfocus.com/archive/1/536369/100/0/threaded

http://www.securitytracker.com/id/1033439

http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient

http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html

KEV Catalog EPSS Scores Vendors All CVEs