CVE-2024-47574
published 2024-11-13CVE-2024-47574: A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | forticlient | — | — |
| fortinet | forticlient | — | — |
| fortinet | forticlient | >= 6.4.0 < 7.0.13 | 7.0.13 |
| fortinet | forticlient | >= 7.2.0 < 7.2.5 | 7.2.5 |
| fortinet | forticlientwindows | — | — |
| fortinet | forticlientwindows | — | — |
| fortinet | forticlientwindows | 6.4.0 – 6.4.10 | — |
| fortinet | forticlientwindows | 7.0.0 – 7.0.12 | — |
| fortinet | forticlientwindows | 7.2.0 – 7.2.4 | — |
| fortinet | fortinet | — | — |