CVE-2021-26089: 
FortiClient vulnerability analysis and mitigation

A privilege escalation vulnerability (CVE-2021-26089) was discovered in FortiClient for Mac versions 6.4.3 and below. The vulnerability was disclosed on July 7, 2021, and affects the installation phase of the FortiClient software. This security issue allows a non-privileged user to execute arbitrary privileged shell commands during the installation process (Fortiguard Advisory).

The vulnerability stems from an improper symlink following in FortiClient for Mac. The specific flaw exists within the Network Access Control service, where the service loads an OpenSSL configuration file from an unsecured location. This vulnerability has a CVSS score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating a high severity level (Zero Day Initiative).

If successfully exploited, this vulnerability allows an attacker to escalate privileges and execute arbitrary code in the context of SYSTEM/root. The attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability (Zero Day Initiative).

The vulnerability has been fixed in FortiClient version 7.0.0. Users are advised to upgrade to this version or later to address the security issue (Zero Day Initiative).