CVE-2025-54660

216.73.216.233

· Published 18/11/2025 17:16 · Modified 20/11/2025 14:35

Labels: CVE-2025-54660 2025-11-18 CVE-2025-54660 CWE-489 [email protected]

Essential information

Published: 18/11/2025 17:16
Modified: 20/11/2025 14:35
Author: —
Creator: —
CVSS: 5.5 MEDIUM (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password

NVD status

Status: Analyzed — CVE has had analysis completed and all data associations made.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
fortinet / forticlient	`cpe:2.3:a:fortinet:forticlient::::::windows::*`
fortinet / forticlient	`cpe:2.3:a:fortinet:forticlient::::::windows::*`