Fortinet FortiClient IOCTL 220028 Local Privilege Escalation Exploit

The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-5736
Released Date: 
Monday, October 22, 2018 - 19:00