How severe is CVE-2025-57716?

CVE-2025-57716 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2025-57716

Name: forticlient
Author: fortinet

6.7MEDIUM

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hi

Veröffentlicht: 10/14/2025Aktualisiert: 10/15/2025

Beschreibung

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.

KI-AnalyseKI-gestützt

Betroffene Produkte

fortinetforticlient

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-25-685
Vendor Advisory