A use of hard-coded credentials vulnerability [CWE-798] in FortiClient for Windows may allow an attacker to bypass system protections via the use of static credentials.
|7.2.0 through 7.2.1
|Upgrade to 7.2.2 or above
|7.0.0 through 7.0.9
|Upgrade to 7.0.10 or above
AcknowledgementFortinet is pleased to thank Hanafiah Muhamad from One NZ for reporting this vulnerability under responsible disclosure.
2023-11-06: Initial publication