CVE-2021-41031: 
FortiClient vulnerability analysis and mitigation

A relative path traversal vulnerability [CWE-23] in FortiClient for Windows affects versions 7.0.2 and prior, 6.4.6 and prior, and 6.2.9 and below. The vulnerability was discovered by Daniel Hulliger of Armasuisse - CYD Campus and was published on July 5, 2022. It has been assigned CVE-2021-41031 with a high severity CVSS score of 7.8 (Fortiguard PSIRT, CVE Mitre).

The vulnerability is classified as a relative path traversal vulnerability (CWE-23) that affects the named pipe responsible for FortiESNAC service in FortiClient for Windows. The issue stems from insufficient input validation that could be exploited through the named pipe system (Fortiguard PSIRT).

If successfully exploited, this vulnerability allows a local unprivileged attacker to escalate their privileges to SYSTEM level access on the affected system (SecurityWeek, Hacker News).

Fortinet has released patches to address this vulnerability. Users are advised to upgrade FortiClient Windows to version 7.0.3 or above for the 7.0 branch, or version 6.4.7 or above for the 6.4 branch. For version 6.2, users should migrate to a fixed release as all versions are affected (Fortiguard PSIRT).