216.73.216.169

CVE-2024-36507

· Published 12/11/2024 19:15 · Modified 14/11/2024 20:31

Labels: CVE-2024-36507 2024-11-12CVE-2024-36507CWE-426[email protected]

Essential information

Published
12/11/2024 19:15
Modified
14/11/2024 20:31
Author
Creator
CVSS
7.3 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fortinet / forticlient cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
fortinet / forticlient cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*
fortinet / forticlient cpe:2.3:a:fortinet:forticlient:7.4.0:*:*:*:*:windows:*:*

References