High severity8.1NVD Advisory· Published Dec 14, 2017· Updated Jun 17, 2026
CVE-2017-7344
CVE-2017-7344
Description
A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.
Affected products
3cpe:2.3:a:fortinet:forticlient:5.6.0:*:*:*:*:windows:*:*+ 1 more
- cpe:2.3:a:fortinet:forticlient:5.6.0:*:*:*:*:windows:*:*
- cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*range: <=5.4.3
- Fortinet, Inc./FortiClientWindowsv5Range: 5.6.0, 5.4.3, 5.4.2, 5.4.1, 5.4.0
Patches
Vulnerability mechanics
References
3- securite.intrinsec.com/2017/12/22/cve-2017-7344-fortinet-forticlient-windows-privilege-escalation-at-logon/nvdExploitMitigationThird Party Advisory
- www.securityfocus.com/bid/102176nvdThird Party AdvisoryVDB Entry
- fortiguard.com/advisory/FG-IR-17-070nvdVendor Advisory
News mentions
0No linked articles in our index yet.