FortiEDRCollector (Windows) - Protection may be disabled by local attacker

Nov. 14, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

An improper access control vulnerabilty [CWE-284] in FortiEDRCollectorWindows may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.

access access control attacker control cwe disabled keys local may next protection reboot registry service start system tampering vulnerabilty windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS - Web server ETag exposure 3 weeks, 6 days ago | fortiguard.fortinet.com

actor attacker cwe device +17

FortiSandbox - Arbitrary file read on endpoint 3 weeks, 6 days ago | fortiguard.fortinet.com

arbitrary files attacker cwe directory +12

FortiNAC-F - Lack of certificate validation 3 weeks, 6 days ago | fortiguard.fortinet.com

attack attacker certificate channel +12

FortiOS - Format String in CLI command 3 weeks, 6 days ago | fortiguard.fortinet.com

access admin arbitrary code attacker +16

FortiOS & FortiProxy - administrator cookie leakage 3 weeks, 6 days ago | fortiguard.fortinet.com

administrator attacker conditions cookie +10

FortiSandbox - Arbitrary file delete on endpoint 3 weeks, 6 days ago | fortiguard.fortinet.com

arbitrary files attacker cwe delete +13

FortiClientMac - Lack of configuration file validation 3 weeks, 6 days ago | fortiguard.fortinet.com

arbitrary code attacker code configuration +15

FortiManager - Code Injection via Jinja Template 3 weeks, 6 days ago | fortiguard.fortinet.com

arbitrary code attacker code code injection +11

FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution 3 weeks, 6 days ago | fortiguard.fortinet.com

access admin arbitrary code arbitrary code execution +16

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA

View on infosec-jobs.com

Security Specialist

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

Senior Cyber Incident Response (Hybrid)

@ SmartDev | Cầu Giấy, Vietnam

View on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US

View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com

View more jobs

all InfoSec news

FortiEDRCollector (Windows) - Protection may be disabled by local attacker

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

Jobs in InfoSec / Cybersecurity

Head of Security Operations

Security Specialist

Senior Cyber Incident Response (Hybrid)

Sr Security Engineer - Colombia

Security Engineer, Investigations - i3

Cyber Security Engineer