CVE-2020-9292

CVE Database · CVE-2020-9292

CVE-2020-9292

· CRITICALModified

CVSS v3.1

9.8

EPSS

1.54%

Published

Jun 4, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-428

Affected Products (1)

fortinet · fortisiem_windows_agentvulnerable

References (2)

https://fortiguard.com/advisory/FG-IR-20-021

Vendor Advisory

https://fortiguard.com/advisory/FG-IR-20-021

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs