How severe is CVE-2025-57716?

CVE-2025-57716 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2025-57716

Name: forticlient
Author: fortinet

6.7MEDIUM

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hi

Publicado: 10/14/2025Actualizado: 10/15/2025

Descripción

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.

Análisis IAImpulsado por IA

Productos Afectados

fortinetforticlient

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-25-685
Vendor Advisory