An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.