CVE-2019-5589

CVE Database · CVE-2019-5589

CVE-2019-5589

· N/AModified

CVSS v3.1

N/A

EPSS

2.61%

Published

May 28, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.

Weaknesses (CWE)

CWE-426

Affected Products (1)

fortinet · forticlient (up to 6.0.6)vulnerable

References (2)

https://fortiguard.com/advisory/FG-IR-19-060

Vendor Advisory

https://fortiguard.com/advisory/FG-IR-19-060

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs