Overview
- Description
- A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.
- Source
- psirt@fortinet.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- psirt@fortinet.com
- CWE-288
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
Fortinet fixes FortiClient VPN Flaw CVE-2024-47574 #Fortinet #FortiClient #CVE-2024-47574 #CVE-2024-50564 https://t.co/Y2V1WER5LW
@pravin_karthik
15 Nov 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-47574, a 7.8 CVSS vulnerability, affects specific FortiClientWindows versions. Patch released—update now. https://t.co/kq90qZD6cH #fortinet #cve #vulnerability #CybersecurityNews #threatresq
@ThreatResq
15 Nov 2024
2 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-47574 Authentication Bypass Exploit in FortiClientWindows Enables Arbitrary Code Execution In Fortinet FortiClientWindows, versions 7.4.0, 7.2.4 to 7.2.0, 7.0.12 to 7.0.0, and 6.4.10 to 6.4.0, there is a... https://t.co/xzkc4kcqvD
@VulmonFeeds
13 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes