Code Generation Vulnerability in FortiClientMacOS Allows Unauthorized Camera Hijacking

Code Generation Vulnerability in FortiClientMacOS Allows Unauthorized Camera Hijacking

CVE-2021-42754 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file.

Learn more about our Cis Benchmark Audit For Apple Macos.