CVE-2022-26118 Information

Description

A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x 6.2.x 6.4.0 through 6.4.7 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system.

Reference

https://fortiguard.com/psirt/FG-IR-21-056