CVE-2024-36507

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:windows:*:*

History

14 Nov 2024, 20:31

Type Values Removed Values Added
First Time Fortinet
Fortinet forticlient
CVSS v2 : unknown
v3 : 7.3
v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:windows:*:*
References () https://fortiguard.fortinet.com/psirt/FG-IR-24-205 - () https://fortiguard.fortinet.com/psirt/FG-IR-24-205 - Vendor Advisory

13 Nov 2024, 17:01

Type Values Removed Values Added
Summary
  • (es) Una ruta de búsqueda no confiable en Fortinet FortiClientWindows versiones 7.4.0, versiones 7.2.4 a 7.2.0, versiones 7.0.12 a 7.0.0 permite a un atacante ejecutar código arbitrario a través del secuestro de DLL e ingeniería social.

12 Nov 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 19:15

Updated : 2024-11-14 20:31


NVD link : CVE-2024-36507

Mitre link : CVE-2024-36507

CVE.ORG link : CVE-2024-36507


JSON object : View

Products Affected

fortinet

  • forticlient
CWE
CWE-426

Untrusted Search Path