How severe is CVE-2024-40592?

CVE-2024-40592 has a CVSS v3 score of 7.5 (HIGH).

CVE-2024-40592

Name: forticlient
Author: fortinet

7.5HIGH

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a

公開日: 11/12/2024更新日: 11/14/2024

説明

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process.

AI分析AIによる分析

影響を受ける製品

fortinetforticlient

7.4.0

参照

https://fortiguard.fortinet.com/psirt/FG-IR-24-022
Vendor Advisory