← Volver a CVEs
CVE-2024-36513
HIGH8.2
Descripcion
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
Detalles CVE
Puntuacion CVSS v3.18.2
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado11/12/2024
Ultima modificacion11/14/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
fortinet:forticlient
Debilidades (CWE)
CWE-270
Referencias
https://fortiguard.fortinet.com/psirt/FG-IR-24-144(psirt@fortinet.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.