CVE-2024-36513

Published Nov 12, 2024

Last updated 3 months ago

CVSS high 8.8

Overview

Description
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
Source
psirt@fortinet.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
6
Exploitability score
2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@fortinet.com
CWE-270

Social media

Hype score
Not currently trending

  1. برای برخی محصولات Fortinet شامل : FortiOS و FortiAnalyzer و FortiClient چندین آسیب پذیری Critical با کدهای شناسایی CVE-2024-23666 و CVE-2024-36513 و CVE-2023-50176 منتشر شده است. این آسیب پذیری ها از نوع Hijack session و privilege escalation می باشند. https://t.co/Poz3aKYxT1 http

    @AmirHossein_sec

    15 Nov 2024

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🔴New vulnerability was just published🔴 CVE ➡️ CVE-2024-36513 Impacting ➡️ forticlient CVSS ➡️ 8.8 #cve #securitricks #vulnerability #cybersecurity https://t.co/HxJFVCIcck

    @SecuriTricks

    15 Nov 2024

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 FortiClient #Windows Vulnerability: Patch Now (#CVE-2024-36513) https://t.co/JMxO72qTc0

    @UndercodeNews

    15 Nov 2024

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-36513 A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an au… https://t.co/TLAurq5yGj

    @CVEnew

    13 Nov 2024

    330 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References