A now-patched, high-severity bug in Fortinet’s FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files. The bug is tracked as CVE-2024-47574, and it earned a 7.8 out of 10 CVSS severity rating.

Source: The Register