Arbitrary Code Execution Vulnerability in Fortishield.sys Driver

Arbitrary Code Execution Vulnerability in Fortishield.sys Driver

CVE-2015-5736 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.

Learn more about our Cis Benchmark Audit For Fortinet.