VDB
CVE-2024-36510
CVE-2024-36510
PUBLISHED
Es existiert eine Schwachstelle in Fortinet FortiClient. Aufgrund einer Diskrepanz in den Antworten auf Anmeldeversuche können gültige Nutzer ermittelt werden. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen.
EPSS 0.47% · 64.8th percentile
Risk Scores
EPSS Score
0.47%
64.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortinet FortiClient EMS <7.2.5 | |
| Fortinet | Fortinet FortiClient EMS <7.4.1 | |
| Fortinet | Fortinet FortiClient EMS <7.0.11 |
Exploit Intelligence
Timeline
- Jan 14, 2025 CVE Published
- Jan 15, 2025 EPSS Score
- Jan 15, 2025 CVE Updated
- Jan 31, 2025 EPSS Score
- Feb 15, 2025 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 18, 2025 EPSS Score
- Mar 30, 2025 Coalition ESS Score
- Apr 3, 2025 EPSS Score
- Apr 18, 2025 EPSS Score
- Apr 28, 2025 PoC Published
- May 4, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0071.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0071 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-476 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-078 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-216 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-071 advisory