Endpoint Vulnerability

FortiClient CVE-2025-57716 Uncontrolled Search Path Element Vulnerability

Description

CWE-427 Uncontrolled Search Path Element allows a local low-privileged user to hijack DLLs by placing a malicious DLL in the FortiClient Windows installer folder, affecting FortiClient 7.0-7.4.3.

Affected Applications

FortiClient

Version Updates

Date	Version	Status	Detail
2025-10-16	1.00923	New	FortiClient

References

https://www.fortiguard.com/psirt/FG-IR-25-685

ID	6250
Created	Oct 16, 2025
Description Updated	Jan 16, 2026
CVE ID
Risk
Coverage	FortiClient
OS	Windows
Vendor	Fortinet
Patch	manual
Application	FortiClient

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

FortiClient CVE-2025-57716 Uncontrolled Search Path Element Vulnerability

Description

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

FortiClient CVE-2025-57716 Uncontrolled Search Path Element Vulnerability

Description

Affected Applications

Version Updates

References

Threat Intelligence
Center