All intelligence
// vulnerability record
live · NVDCVE-2024-47573
MEDIUMpublished 2025-03-14 15:15 UTC · 1 year ago · modified 2026-06-17 07:57 UTC
6.5
CVSS / 10
// description
An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
// weaknesses (CWE)
- CWE-354