CVE-2026-44278

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-46373

A Heap-based Buffer Overflow vulnerability CWE-122 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips74.sys". The attacker would need to bypass the...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

EUVD-2025-198012

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

EUVD-2017-16371

Malware in sbrugna...

EUVD-2018-20788

Malware in sbrugna...

The vulnerability of Fortinet FortiClient Windows security devices, which stems from the use of a strictly encrypted cryptographic key, allows attackers to gain unauthorized access to protected information.

The vulnerability of Fortinet FortiClient Windows protection lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2025-24473

A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortinet FortiClientWindows 7.2.0 through 7.2.1, FortiClientWindows 7.0.13 through 7.0.14 may allow an unauthorized remote attacker to view application information via navigation to a hosted webpage, if...

The vulnerability of Fortinet FortiClient Windows security devices, related to the use of an insecure search path, allows attackers to execute arbitrary code.

The vulnerability of Fortinet FortiClient Windows protection devices is related to the use of an insecure lookup path. Exploiting this vulnerability allows attackers to execute arbitrary code...

The vulnerability of the Fortinet FortiClient for Windows installer and the FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.

The vulnerability of the Fortinet FortiClient for Windows installer and the FortiClient Enterprise Management Server EMS is related to an uncontrolled DLL search process. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially crafted DLL library...

CVE-2018-9190

A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver...

Fortinet FortiClient Windows Elevation of Privilege Vulnerability

Fortinet FortiClient Windows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A privilege-lifting vulnerability...

CVE-2017-14184

An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to...