← Volver a CVEs
CVE-2024-36507
HIGH7.3
Descripcion
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.
Detalles CVE
Puntuacion CVSS v3.17.3
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado11/12/2024
Ultima modificacion11/14/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
fortinet:forticlient
Debilidades (CWE)
CWE-426CWE-426
Referencias
https://fortiguard.fortinet.com/psirt/FG-IR-24-205(psirt@fortinet.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.