Improper Access Control Vulnerability in FortiEDRCollectorWindows

Improper Access Control Vulnerability in FortiEDRCollectorWindows

CVE-2023-44248 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.

Learn more about our Web Application Penetration Testing UK.