CVE-2022-40681: 
FortiClient vulnerability analysis and mitigation

A critical authorization vulnerability (CVE-2022-40681) was discovered in Fortinet FortiClient for Windows versions 7.0.0-7.0.7, 6.4.0-6.4.9, 6.2.0-6.2.9, and 6.0.0-6.0.10. The vulnerability was initially published on November 14, 2023, and allows an attacker to cause denial of service through crafted requests to a specific named pipe. The issue was identified and reported by Daniel Hulliger from Armasuisse CYD Campus under responsible disclosure (Fortinet Advisory).

The vulnerability is classified as an incorrect authorization issue (CWE-863) that affects the Windows version of FortiClient. It received a CVSS v3.1 base score of 7.1 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. The vulnerability requires local access and low privileges to exploit (NVD, Fortinet Advisory).

When successfully exploited, this vulnerability allows a local low-privileged attacker to perform arbitrary file deletion in the device filesystem, potentially leading to denial of service conditions (Fortinet Advisory).

Fortinet has released patches to address this vulnerability. Users of FortiClient Windows 7.0.x should upgrade to version 7.0.8 or above, while users of version 6.4.x should upgrade to 6.4.9 or above. For versions 6.2 and 6.0, users are advised to migrate to a fixed release. Version 7.2 is not affected by this vulnerability (Fortinet Advisory).