Helient Blog

Helient Systems : Urgent Security Update: FortiClient Windows DLL Hijacking Vulnerability - Helient Systems Response

Written by Helient Webmaster | Nov 16, 2023 9:50:13 AM

Fortinet has identified a critical security vulnerability in FortiClient for Windows.

Details:

The vulnerability, specifically concerning the openssl.cnf file in FortiClient for Windows, is a DLL Hijacking issue (CWE-426). It allows attackers to execute a DLL Hijack attack by placing a malicious OpenSSL engine library in the search path. This vulnerability poses a significant threat as it can enable unauthorized actions, including code execution and data access.

Affected Versions:

  • FortiClientWindows 7.2 (7.2.0 through 7.2.1)
  • FortiClientWindows 7.0 (7.0.9)

Recommended Solutions:

Remember, timely updates are your first line of defense against potential cyber threats!

  • Upgrade FortiClientWindows 7.2 (7.2.0 through 7.2.1) to version 7.2.2 or later.
  • Upgrade FortiClientWindows 7.0 (7.0.9) to version 7.0.10 or later.

The vulnerability, labeled FG-IR-23-274, is part of a security update issued by Fortinet addressing issues in both FortiClient and FortiGate.

How We Can Help:

We recognize the challenges that can accompany implementing critical security updates. That’s why our team of industry-leading networking experts stands ready to offer guidance and support. For a smooth and effective upgrade process, contact us at service@helient.com.