A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-144 |
History
Thu, 14 Nov 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet forticlient
|
|
CPEs | cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* | |
Vendors & Products |
Fortinet forticlient
|
Tue, 12 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet forticlientwindows |
|
CPEs | cpe:2.3:a:fortinet:forticlientwindows:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fortinet
Fortinet forticlientwindows |
|
Metrics |
ssvc
|
Tue, 12 Nov 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts. | |
Weaknesses | CWE-270 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-11-12T18:53:41.455Z
Updated: 2024-11-12T20:32:26.256Z
Reserved: 2024-05-29T08:44:50.760Z
Link: CVE-2024-36513
Vulnrichment
Updated: 2024-11-12T20:30:34.073Z
NVD
Status : Analyzed
Published: 2024-11-12T19:15:10.633
Modified: 2024-11-14T20:35:26.093
Link: CVE-2024-36513
Redhat
No data.