CVE-2015-4077 — LOW (2.1) — White Hats Nepal

Q: How severe is CVE-2015-4077?

CVE-2015-4077 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-4077?

Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Forticlient.

Vulnerability Description

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Fortinet	Forticlient	<= 5.2.3

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-4077?

CVE-2015-4077 is a vulnerability with a CVSS score of 2.1 (LOW). The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioc...

How severe is CVE-2015-4077?

CVE-2015-4077 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4077?

Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Forticlient.