CVE-2024-36513

A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*

History

14 Nov 2024, 20:35

Type Values Removed Values Added
CPE cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
First Time Fortinet
Fortinet forticlient
CVSS v2 : unknown
v3 : 8.2
v2 : unknown
v3 : 8.8
References () https://fortiguard.fortinet.com/psirt/FG-IR-24-144 - () https://fortiguard.fortinet.com/psirt/FG-IR-24-144 - Vendor Advisory

13 Nov 2024, 17:01

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de error de cambio de contexto de privilegios [CWE-270] en FortiClient Windows versión 7.2.4 y anteriores, versión 7.0.12 y anteriores, 6.4 todas las versiones puede permitir que un usuario autenticado aumente sus privilegios a través de scripts de parcheo automático de lua.

12 Nov 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 19:15

Updated : 2024-11-14 20:35


NVD link : CVE-2024-36513

Mitre link : CVE-2024-36513

CVE.ORG link : CVE-2024-36513


JSON object : View

Products Affected

fortinet

  • forticlient
CWE
CWE-270

Privilege Context Switching Error