Fortinet FortiClient Windows Hard-Coded Cryptographic Key Vulnerability Allowing Decryption of Interprocess Communication

A vulnerability exists in Fortinet FortiClient for Windows in versions 7.4.0, 7.2.x (all versions), 7.0.x (all versions), and 6.4.x (all versions). The issue arises from the use of a hard-coded cryptographic key, which may enable a low-privileged user to decrypt interprocess communication by monitoring named pipes.

Impact

Exploitation of this vulnerability could lead to unauthorized decryption of interprocess communication, potentially allowing interception of sensitive data.