A use of hard-coded credentials vulnerability [CWE-798] in FortiClient for Windows may allow an attacker to bypass system protections via the use of static credentials.
|FortiClientWindows 7.2||7.2.0 through 7.2.1||Upgrade to 7.2.2 or above|
|FortiClientWindows 7.0||7.0.0 through 7.0.9||Upgrade to 7.0.10 or above|
AcknowledgementFortinet is pleased to thank Hanafiah Muhamad from One NZ for reporting this vulnerability under responsible disclosure.
2023-11-06: Initial publication