How severe is CVE-2025-57716?

CVE-2025-57716 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2025-57716

Name: forticlient
Author: fortinet

6.7MEDIUM

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hi

Published: 10/14/2025Updated: 10/15/2025

Description

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.

AI AnalysisPowered by AI

Affected Products

fortinetforticlient

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-685
Vendor Advisory