An untrusted search path vulnerability [CWE-426] in FortiClient Windows OpenSSL component may allow an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path.
|7.2.0 through 7.2.1
|Upgrade to 7.2.2 or above
|Upgrade to 7.0.10 or above
AcknowledgementFortinet is pleased to thank Alexander Staalgaard from Banshie for reporting this vulnerability under responsible disclosure.
2023-11-06: Initial publication