CVE-2023-44248 - Vulnerability Details - OpenCVE

An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fortinet	Fortiedr Fortiedrcollectorwindows

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortiedr::::::windows::*
	cpe:2.3:a:fortinet:fortiedr::::::windows::*
	cpe:2.3:a:fortinet:fortiedr:4.0.0:::::windows::

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-23-306

History

Wed, 14 Jan 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 14 Jan 2026 14:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortinet fortiedrcollectorwindows
CPEs		cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.0:::::::* cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.1:::::::* cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.2:::::::*
Vendors & Products		Fortinet fortiedrcollectorwindows

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-11-14T18:05:53.643Z

Updated: 2026-01-14T13:47:33.233Z

Reserved: 2023-09-27T12:26:48.750Z

Link: CVE-2023-44248

Vulnrichment

Updated: 2024-08-02T19:59:51.928Z

NVD

Status : Modified

Published: 2023-11-14T18:15:54.470

Modified: 2024-11-21T08:25:30.957

Link: CVE-2023-44248

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-44248", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-09-27T12:26:48.750Z", "datePublished": "2023-11-14T18:05:53.643Z", "dateUpdated": "2026-01-14T13:47:33.233Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiEDR CollectorWindows", "cpes": ["cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "5.0.0", "lessThanOrEqual": "5.0.2", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability [CWE-284] in\u00a0FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-01-14T13:47:33.233Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-284", "description": "Denial of service", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiEDRCollectorWindows version 5.2.0.4581 or above\nPlease upgrade to FortiEDRCollectorWindows version 5.0.3.1016 or above"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-306", "url": "https://fortiguard.com/psirt/FG-IR-23-306"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:59:51.928Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-306", "url": "https://fortiguard.com/psirt/FG-IR-23-306", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-30T18:11:43.737058Z", "id": "CVE-2023-44248", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-30T18:11:55.384Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-306", "name": "https://fortiguard.com/psirt/FG-IR-23-306", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:59:51.928Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-44248", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-30T18:11:43.737058Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-30T18:11:49.977Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiedrcollectorwindows:5.0.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiEDR CollectorWindows", "versions": [{"status": "affected", "version": "5.0.0", "versionType": "semver", "lessThanOrEqual": "5.0.2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiEDRCollectorWindows version 5.2.0.4581 or above\nPlease upgrade to FortiEDRCollectorWindows version 5.0.3.1016 or above"}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-306", "name": "https://fortiguard.com/psirt/FG-IR-23-306"}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability [CWE-284] in\u00a0FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "Denial of service"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-01-14T13:47:33.233Z"}}}, "cveMetadata": {"cveId": "CVE-2023-44248", "state": "PUBLISHED", "dateUpdated": "2026-01-14T13:47:33.233Z", "dateReserved": "2023-09-27T12:26:48.750Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2023-11-14T18:05:53.643Z", "assignerShortName": "fortinet"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiedr:*:*:*:*:*:windows:*:*", "matchCriteriaId": "1A10D784-1ED4-46CC-AEB0-F006F8B0E16E", "versionEndIncluding": "5.0.3.1007", "versionStartIncluding": "5.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiedr:*:*:*:*:*:windows:*:*", "matchCriteriaId": "2AF2B177-B287-4C8F-B1F4-42D3051D5EC7", "versionEndIncluding": "5.2.0.4549", "versionStartIncluding": "5.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiedr:4.0.0:*:*:*:*:windows:*:*", "matchCriteriaId": "895977DC-C7C4-422F-BCAC-B2B46582A912", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability [CWE-284] in\u00a0FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service."}, {"lang": "es", "value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiEDRCollectorWindows versi\u00f3n 5.2.0.4549 y anteriores, 5.0.3.1007 y anteriores, 4.0 puede permitir que un atacante local impida que el servicio recopilador se inicie en el siguiente reinicio del sistema alterando algunas claves de registro del servicio."}], "id": "CVE-2023-44248", "lastModified": "2024-11-21T08:25:30.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-14T18:15:54.470", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-306"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}