How severe is CVE-2024-40592?

CVE-2024-40592 has a CVSS v3 score of 7.5 (HIGH).

CVE-2024-40592

Name: forticlient
Author: fortinet

7.5HIGH

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a

게시됨: 11/12/2024업데이트됨: 11/14/2024

설명

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a local authenticated attacker to swap the installer with a malicious package via a race condition during the installation process.

AI 분석AI 기반

영향받는 제품

fortinetforticlient

7.4.0

참조

https://fortiguard.fortinet.com/psirt/FG-IR-24-022
Vendor Advisory