Cyber Posture

CVE-2024-52968

Severity: Medium

Published: 11 February 2025

Modified: 16 July 2025
CVSS Score: 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (7.5th percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

An improper authentication vulnerability in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows an attacker to gain improper access to macOS via an empty password.

Security Summary

CVE-2024-52968 is an improper authentication vulnerability (CWE-287) in Fortinet FortiClientMac. The vendor description names versions 7.0.11 through 7.2.4 as affected, while the Affected Products list below also includes 7.0.13, 7.2.5 and 7.4.0; treat Fortinet's advisory as the authoritative version range. The flaw allows an attacker to gain unauthorized access to macOS because an empty password is accepted where a valid one should be required. The CVSS v3.1 base score is 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), a medium severity rating that nonetheless carries high confidentiality, integrity and availability impact.

What keeps the score at medium is the preconditions, not the impact. The attack vector is local (AV:L) and the privileges-required metric is high (PR:H): the attacker must already hold an administrative or otherwise privileged position on the host, and what the flaw adds is an authentication bypass that even such a user should not have. Attack complexity is low (AC:L) and no user interaction is needed (UI:N), so once those preconditions are met the bypass is reliable, and because scope is unchanged (S:U) the effect is confined to the macOS host running FortiClientMac. The EPSS score of 0.0003 (7.5th percentile) indicates that the observed likelihood of exploitation was low as of the last update of this entry.

Fortinet's advisory (FG-IR-24-300) at https://fortiguard.fortinet.com/psirt/FG-IR-24-300 provides details on mitigation, including recommended patches and workarounds for affected FortiClientMac versions. Security practitioners should consult this reference for version-specific remediation steps.

Details

CWE(s): CWE-287 (Improper Authentication)

Affected Products

Vendor: fortinet
Product: forticlient
Versions: 7.0.11 to 7.0.13; 7.2.3 to 7.2.5; 7.4.0

References