CVE-2017-7344

CVE Database · CVE-2017-7344

CVE-2017-7344

· N/AModified

CVSS v3.1

N/A

EPSS

1.85%

Published

Dec 14, 2017

Modified

May 12, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.

Affected Products (2)

fortinet · forticlientvulnerable

References (6)

http://www.securityfocus.com/bid/102176

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-17-070

Vendor Advisory

https://securite.intrinsec.com/2017/12/22/cve-2017-7344-fortinet-forticlient-windows-privilege-escalation-at-logon/

ExploitMitigationThird Party Advisory

http://www.securityfocus.com/bid/102176

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-17-070

Vendor Advisory

https://securite.intrinsec.com/2017/12/22/cve-2017-7344-fortinet-forticlient-windows-privilege-escalation-at-logon/

KEV Catalog EPSS Scores Vendors All CVEs