Improper Authentication in FortiClientEMS
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-32119 |
| CWE-ID | CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
FortiClientEMS Other software / Other software solutions |
| Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper Authentication
EUVDB-ID: #VU111044
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32119
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate or delete data.
The vulnerability exists due to improper authentication. An unauthenticated attacker with the knowledge of the targeted user's fctuid and vdom can perform operations such as uploading or tagging on behalf of the targeted user via specially crafted TCP requests.
MitigationInstall update from vendor's website.
Vulnerable software versionsFortiClientEMS: 6.2.0 - 7.4.3
CPE2.3- cpe:2.3:a:fortinet:forticlientems:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:forticlientems:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:forticlientems:6.2.2:*:*:*:*:*:*:*
https://www.fortiguard.com/psirt/FG-IR-23-375
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
