An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.

Related CVEs

CVE-2021-26089

Key Information

GHSA ID

GHSA-778f-2fc2-jrq9

Published

May 24, 2022 7:07 PM

Last Modified

May 24, 2022 7:07 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 11, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.