Low-privilege attacker can execute arbitrary code with high privileges via spoofed named pipe messages
CVE-2024-47574

Currently unrated

Key Information:

Vendor: Fortinet
Vendor: CVE Published:; 13 November 2024

Badges

👾 Exploit Exists

Summary

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-199

Timeline

👾
Exploit known to exist
Nov 14, 2024
Vulnerability published
Nov 13, 2024

Collectors

NVD Database