VDB
CVE-2024-50564
CVE-2024-50564
PUBLISHED
Es existiert eine Schwachstelle in Fortinet FortiClient, weil er fest kodierte kryptografische Schlüssel verwendet. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um die Kommunikation zwischen den Prozessen über die Überwachung der named pipe offenzulegen.
EPSS 0.12% · 30.5th percentile
Risk Scores
EPSS Score
0.12%
30.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortinet FortiClient Windows <7.4.1 |
Timeline
- Jan 14, 2025 CVE Published
- Jan 15, 2025 EPSS Score
- Jan 15, 2025 CVE Updated
- Jan 31, 2025 EPSS Score
- Feb 15, 2025 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 12, 2025 Coalition ESS Score
- Mar 18, 2025 EPSS Score
- Apr 3, 2025 EPSS Score
- Apr 18, 2025 EPSS Score
- Apr 28, 2025 PoC Published
- May 4, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0071.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0071 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-476 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-078 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-216 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-071 advisory