CVE-2024-36513 - Vulnerability Details - OpenCVE

A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Fortinet	Forticlient Forticlientwindows

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:forticlient::::::windows::*
	cpe:2.3:a:fortinet:forticlient::::::windows::*
	cpe:2.3:a:fortinet:forticlient::::::windows::*

No data.

References

Link	Providers
https://fortiguard.fortinet.com/psirt/FG-IR-24-144

History

Thu, 14 Nov 2024 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortinet forticlient
CPEs		cpe:2.3:a:fortinet:forticlient::::::windows::*
Vendors & Products		Fortinet forticlient

Tue, 12 Nov 2024 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortinet Fortinet forticlientwindows
CPEs		cpe:2.3:a:fortinet:forticlientwindows::::::::
Vendors & Products		Fortinet Fortinet forticlientwindows
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 12 Nov 2024 19:00:00 +0000

Type	Values Removed	Values Added
Description		A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.
Weaknesses		CWE-270
References		https://fortiguard.fortinet.com/psirt/FG-IR-24-144
Metrics		cvssV3_1 `{'score': 7.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:T/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-11-12T18:53:41.455Z

Updated: 2024-11-12T20:32:26.256Z

Reserved: 2024-05-29T08:44:50.760Z

Link: CVE-2024-36513

Vulnrichment

Updated: 2024-11-12T20:30:34.073Z

NVD

Status : Analyzed

Published: 2024-11-12T19:15:10.633

Modified: 2024-11-14T20:35:26.093

Link: CVE-2024-36513

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36513", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2024-05-29T08:44:50.760Z", "datePublished": "2024-11-12T18:53:41.455Z", "dateUpdated": "2024-11-12T20:32:26.256Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiClientWindows", "cpes": [], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.4", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.12", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.10", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-11-12T18:53:41.455Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-270", "description": "Escalation of privilege", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:T/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiClientWindows version 7.4.0 or above \nPlease upgrade to FortiClientWindows version 7.2.5 or above \nPlease upgrade to FortiClientWindows version 7.0.13 or above \nPlease upgrade to FortiClientWindows version 6.4.11 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-144", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-144"}]}, "adp": [{"affected": [{"vendor": "fortinet", "product": "forticlientwindows", "cpes": ["cpe:2.3:a:fortinet:forticlientwindows:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "7.2.0", "status": "affected", "lessThanOrEqual": "7.2.4", "versionType": "semver"}, {"version": "7.0.0", "status": "affected", "lessThanOrEqual": "7.0.12", "versionType": "semver"}, {"version": "6.4.0", "status": "affected", "lessThanOrEqual": "6.4.10", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-12T20:26:43.259237Z", "id": "CVE-2024-36513", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T20:32:26.256Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-36513", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-12T20:26:43.259237Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:forticlientwindows:*:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "forticlientwindows", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.4"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.12"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.10"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T20:30:34.073Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:T/RC:C", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": [], "vendor": "Fortinet", "product": "FortiClientWindows", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.4"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.12"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.10"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiClientWindows version 7.4.0 or above \nPlease upgrade to FortiClientWindows version 7.2.5 or above \nPlease upgrade to FortiClientWindows version 7.0.13 or above \nPlease upgrade to FortiClientWindows version 6.4.11 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-144", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-144"}], "descriptions": [{"lang": "en", "value": "A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-270", "description": "Escalation of privilege"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-11-12T18:53:41.455Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36513", "state": "PUBLISHED", "dateUpdated": "2024-11-12T20:32:26.256Z", "dateReserved": "2024-05-29T08:44:50.760Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2024-11-12T18:53:41.455Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*", "matchCriteriaId": "4C015491-F83B-4569-B0BB-0877C1D89C66", "versionEndIncluding": "6.4.10", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*", "matchCriteriaId": "CC29F9A2-9ED8-45C6-AC9F-FB4EEAA7AFF2", "versionEndExcluding": "7.0.13", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*", "matchCriteriaId": "F06CB11B-0726-4E7A-B257-CB71E2237AA7", "versionEndExcluding": "7.2.5", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts."}, {"lang": "es", "value": "Una vulnerabilidad de error de cambio de contexto de privilegios [CWE-270] en FortiClient Windows versi\u00f3n 7.2.4 y anteriores, versi\u00f3n 7.0.12 y anteriores, 6.4 todas las versiones puede permitir que un usuario autenticado aumente sus privilegios a trav\u00e9s de scripts de parcheo autom\u00e1tico de lua."}], "id": "CVE-2024-36513", "lastModified": "2024-11-14T20:35:26.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2024-11-12T19:15:10.633", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-144"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-270"}], "source": "psirt@fortinet.com", "type": "Primary"}]}