CVE-2025-54660
published 2025-11-18CVE-2025-54660: An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | forticlient | — | — |
| fortinet | forticlient | >= 7.0.0 < 7.2.11 | 7.2.11 |
| fortinet | forticlient | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | forticlientwindows | — | — |
| fortinet | forticlientwindows | 7.0.0 – 7.0.14 | — |
| fortinet | forticlientwindows | 7.2.0 – 7.2.10 | — |
| fortinet | forticlientwindows | 7.4.0 – 7.4.3 | — |
| fortinet | fortinet | — | — |