CVE-2024-36507

Summary

A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiClientWindows7.4.0affected
FortinetFortiClientWindows7.2.0 <= 7.2.4affected
FortinetFortiClientWindows7.0.0 <= 7.0.12affected

Weaknesses

  • CWE-426: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References