CVSSv3 Score:
2.1
A Missing Authorization [CWE-862] in FortiClient Windows may allow an authenticated local attacker to decrypt a currently logged in users VPN password via use of an unprotected DLL function.
Revised on 2026-05-12 00:00:00
