How severe is CVE-2024-40592?

CVE-2024-40592 has a CVSS v3 score of 7.5 (HIGH).

CVE-2024-40592

Name: forticlient
Author: fortinet

7.5HIGH

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a

Publicado: 11/12/2024Actualizado: 11/14/2024

Descripción

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process.

Análisis IAImpulsado por IA

Productos Afectados

fortinetforticlient

7.4.0

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-24-022
Vendor Advisory