Vulnerabilities > CVE-2022-39949 - Unspecified vulnerability in Fortinet Fortiedr

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

fortinet

NVD

Published: 2022-11-02

Updated: 2023-08-08

Summary

An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection.

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Fortiedr 4.0.0 Fortinet Fortiedr 5.0.0 Fortinet Fortiedr 5.0.1 Fortinet Fortiedr 5.0.2 Fortinet Fortiedr 5.0.3 Fortinet Fortiedr 5.1.0 Fortinet Fortiedr 5.2.0	20
OS	Microsoft Microsoft Windows -	1

References

https://fortiguard.com/psirt/FG-IR-22-218