PSIRT Advisory

FortiClient Unencrypted Password Vulnerability

Summary

One of the processes in FortiClient stores VPN credentials unencrypted in memory. A malicious attacker who compromised the workstation could dump the credentials.

Description

One of the processes in FortiClient stores VPN credentials unencrypted in memory. A malicious attacker who compromised the workstation could dump the credentials.
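The weakness described above is a matter of how long a plaintext credential stays resident in process memory. The following C example, added here and not taken from FortiClient or Fortinet, contrasts a session object that keeps the password for its whole lifetime (what a memory dump would recover) with one that scrubs the buffer the moment authentication is done. `vpn_session`, `gateway_authenticate` and the constructed user/password values are hypothetical stand-ins for a real VPN client.

```c
#include <stddef.h>
#include <string.h>

/* Wipe that the compiler cannot optimise away: the pointer is volatile,
   so each store is observable and memset() elision does not apply. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

/* Hypothetical VPN session state; the password field exists only for
   the duration of the handshake in the hardened variant. */
struct vpn_session {
    char password[64];
    int authenticated;
};

/* Hypothetical gateway check. A real client would send the credential over
   the VPN control channel; here it accepts one constructed pair so the
   example runs offline. */
static int gateway_authenticate(const char *user, const char *pass) {
    return strcmp(user, "alice") == 0 && strcmp(pass, "hunter2") == 0;
}

/* Vulnerable pattern: the password is copied in and never cleared, so it
   remains readable in memory for as long as the session object lives. */
int vpn_connect_retaining(struct vpn_session *s, const char *user, const char *pass) {
    size_t len = strlen(pass);
    if (len >= sizeof s->password) return -1;          /* would not fit */
    memcpy(s->password, pass, len + 1);
    s->authenticated = gateway_authenticate(user, s->password);
    return s->authenticated ? 0 : -2;
}

/* Hardened pattern: identical flow, but the buffer is scrubbed as soon as
   the gateway has answered, on both the success and the failure path. */
int vpn_connect_scrubbing(struct vpn_session *s, const char *user, const char *pass) {
    size_t len = strlen(pass);
    if (len >= sizeof s->password) return -1;
    memcpy(s->password, pass, len + 1);
    s->authenticated = gateway_authenticate(user, s->password);
    secure_wipe(s->password, sizeof s->password);      /* no plaintext left behind */
    return s->authenticated ? 0 : -2;
}

/* Returns 1 when every byte of the buffer is zero, i.e. nothing for a
   memory dump to find; 0 otherwise. */
int buffer_is_wiped(const void *p, size_t n) {
    const unsigned char *b = (const unsigned char *)p;
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) acc |= b[i];
    return acc == 0;
}
```

The scrub must happen on every exit path, including authentication failure, and must use a wipe the optimiser cannot drop (`explicit_bzero` or `memset_s` where available serve the same purpose as `secure_wipe`). Keeping the buffer out of swap with `mlock` and avoiding copies into heap-allocated strings are further steps in the same direction.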

Impact

Credential exposure.

Affected Products

FortiClient 5.4.0 and below

Solutions

Upgrade to FortiClient 5.4.1

Acknowledgement

Fortinet is pleased to thank Alexander Korznikov for reporting this vulnerability under responsible disclosure.