CNNVD-202511-2023 Information
CNNVD ID
CNNVD-202511-2023
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Fortinet FortiClientWindows是美国飞塔(Fortinet)公司的一套基于Windows平台的移动终端安全解决方案。该方案与FortiGate防火墙设备连接时可提供IPsec和SSL加密、广域网优化、终端合规和双因子认证等功能。 Fortinet FortiClientWindows 7.4.0版本至7.4.3版本、7.2.0版本至7.2.10版本和7.0所有版本存在安全漏洞,该漏洞源于活动调试代码,可能导致检索保存的VPN用户密码。
Description (English)
Fortinet Forest Windows is a mobile terminal security solution based on the Windows platform of Fortinet. The program, when connected to FortiGate firewall equipment, provides the functionality of IPsec and SSL encryption, wide area network optimization, terminal compliance and dual-factor authentication. There is a security loophole in Fortinet Fortium Windows version 7.4.0 to version 7.4.3, version 7.2.0 to version 7.2.10 and all version 7.0, which originates from the active debugging code and may lead to the retrieval of the stored VPN user password.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-11-18
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-844 https://access.redhat.com/security/cve/cve-2025-54660 https://vigilance.fr/vulnerability/FortiClientWindows-information-disclosure-via-Debug-Code-Saved-VPN-User-Password-48807
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-844
Share on: