PSIRT Advisories

FortiClientWindows & FortiClient EMS - Privilege escalation via DLL Hijacking


An unsafe search path vulnerability in FortiClient and FortiClient EMS may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

Affected Products

FortiClient 7.0.0
FortiClient 6.4.6 and below
FortiClient 6.2 all versions
FortiClient 6.0 all versions

FortiClient EMS 7.0.0
FortiClient EMS 6.4.6 and below
FortiClient EMS 6.2 all versions
FortiClient EMS 6.0 all versions


Please upgrade to FortiClient 7.0.1 or above.

Please upgrade to FortiClient 6.4.7 or above.


Please upgrade to FortiClient EMS 7.0.1 or above.

Please upgrade to FortiClient EMS 6.4.7 or above.


Fortinet is pleased to thank independent researcher AmeenBasha M K, and Ammarit Thongthua and Sumedt Jitpukdebodin of Secure D Research team, for reporting this vulnerability under responsible disclosure.