VDB
CVE-2024-47574
CVE-2024-47574
PUBLISHED
Es existiert eine Schwachstelle in Fortinet FortiClient für Windows. Die Ursache ist eine Umgehung der Zugriffskontrolle unter Verwendung eines alternativen Pfades oder Kanals. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code mit hohen Rechten über gefälschte Named Pipe-Nachrichten auszuführen.
EPSS 0.03% · 7.4th percentile
Risk Scores
EPSS Score
0.03%
7.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortinet FortiClient <7.4.1 | |
| Fortinet | Fortinet FortiClient <7.0.13 | |
| Fortinet | Fortinet FortiClient <7.2.5 |
Exploit Intelligence
- CIRCL seen: CVE-2024-47574 (circl-sighting)
- CIRCL seen: CVE-2024-47574 (circl-sighting)
- CIRCL seen: CVE-2024-47574 (circl-sighting)
- CIRCL seen: CVE-2024-47574 (circl-sighting)
- https://fortiguard.fortinet.com/psirt/FG-IR-24-199 (circl)
Timeline
- Nov 12, 2024 PoC Published
- Nov 12, 2024 CVE Published
- Nov 13, 2024 Coalition ESS Score
- Nov 13, 2024 PoC Published
- Nov 13, 2024 PoC Published
- Nov 14, 2024 EPSS Score
- Nov 14, 2024 Coalition ESS Score
- Nov 15, 2024 PoC Published
- Dec 3, 2024 EPSS Score
- Dec 20, 2024 EPSS Score
- Jan 7, 2025 EPSS Score
- Jan 24, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3450.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3450 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-24-022 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-24-144 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-24-199 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-24-205 advisory