How severe is CVE-2025-57716?

CVE-2025-57716 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2025-57716

Name: forticlient
Author: fortinet

6.7MEDIUM

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hi

Опубликовано: 10/14/2025Обновлено: 10/15/2025

Описание

An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.

ИИ-АнализНа базе ИИ

Затронутые продукты

fortinetforticlient

Ссылки

https://fortiguard.fortinet.com/psirt/FG-IR-25-685
Vendor Advisory