An untrusted search path vulnerability [CWE-426] in FortiClient Windows OpenSSL component may allow an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path.
|FortiClientWindows 7.2||7.2.0 through 7.2.1||Upgrade to 7.2.2 or above|
|FortiClientWindows 7.0||7.0.9||Upgrade to 7.0.10 or above|
AcknowledgementFortinet is pleased to thank Alexander Staalgaard from Banshie for reporting this vulnerability under responsible disclosure.
2023-11-06: Initial publication