A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.
References
Link | Resource |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-205 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Nov 2024, 20:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fortinet
Fortinet forticlient |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:windows:*:* |
|
References | () https://fortiguard.fortinet.com/psirt/FG-IR-24-205 - Vendor Advisory |
13 Nov 2024, 17:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
12 Nov 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-12 19:15
Updated : 2024-11-14 20:31
NVD link : CVE-2024-36507
Mitre link : CVE-2024-36507
CVE.ORG link : CVE-2024-36507
JSON object : View
Products Affected
fortinet
- forticlient
CWE
CWE-426
Untrusted Search Path