← back
CVE-2019-5589

CVE-2019-5589

EPSS 2.6%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 May 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.
Affected products
Fortinet · Fortinet FortiClient for Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-19-060