FortiClient (Linux) - Improper directories permissions


An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.

Affected Products

FortiClientLinux version 6.0.0 through 6.0.8
FortiClientLinux version 6.2.0 through 6.2.9
FortiClientLinux version 6.4.0 through 6.4.7
FortiClientLinux version 7.0.0 through 7.0.2


Please upgrade to FortiClientLinux version 7.0.3

Please upgrade to FortiClientLinux version 6.4.8