CVE-2025-47761
HIGHDescription
An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would require bypassing the Windows memory protections such as Heap integrity and HSP. In addition, it requires a valid and running VPN IPSec connection.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | forticlient |
| fortinet | forticlient |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-47761? +
How severe is CVE-2025-47761? +
What products are affected by CVE-2025-47761? +
How do I check if I'm vulnerable to CVE-2025-47761? +
Related Vulnerabilities
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the …
Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative …
An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, …
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and …
An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, …
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via …