First published: Tue Nov 14 2023(Updated: )
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 allows an attacker to bypass system protections via the use of static credentials.
|Affected Software||Affected Version||How to fix|
|Fortinet FortiClient Windows||>=7.0.0<=7.0.9|
|Fortinet FortiClient Windows||=7.2.0|
|Fortinet FortiClient Windows||=7.2.1|
The vulnerability ID for this issue is CVE-2023-33304.
The severity of CVE-2023-33304 is medium.
CVE-2023-33304 affects Fortinet FortiClient versions 7.0.0 - 7.0.9 and 7.2.0 - 7.2.1 on Windows.
An attacker can exploit CVE-2023-33304 by bypassing system protections using hard-coded credentials.
Yes, Fortinet has released a fix for CVE-2023-33304. It is recommended to update to the latest version of Fortinet FortiClient.