How severe is CVE-2024-40592?

CVE-2024-40592 has a CVSS v3 score of 7.5 (HIGH).

CVE-2024-40592

Name: forticlient
Author: fortinet

7.5HIGH

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a

Published: 11/12/2024Updated: 11/14/2024

Description

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process.

AI AnalysisPowered by AI

Affected Products

fortinetforticlient

7.4.0

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-022
Vendor Advisory