High severity7.5NVD Advisory· Published Apr 26, 2018· Updated Jun 17, 2026
CVE-2017-17543
CVE-2017-17543
Description
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.
Affected products
6- Range: <=5.6.0
- Range: <=5.6.0
- Range: <=4.4.2335
- Fortinet, Inc./FortiClient for Mac OSXv5Range: 5.6.0 and below versions
- Fortinet, Inc./FortiClient for Windowsv5Range: 5.6.0 and below versions
- Fortinet, Inc./FortiClient SSLVPN Client for Linuxv5Range: 4.4.2335 and below versions
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.