CVE-2023-47534 HIGH

CVE-2023-47534

Vendor Fortinet
Product FortiClientEMS
Weakness CWE-1236
Published March 12, 2024
Last update August 12, 2024

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:U/RC:R

What the vulnerability does

01Description

A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.

Key dates

02Disclosure timeline

March 12, 2024 CVE published
August 12, 2024 Record updated