CVEFinder.io

CVE-2025-62676

⚠ī¸ high
🔍 Scan for this CVE
Summary

An Improper Link Resolution Before File Access ('Link Following') vulnerability [CWE-59] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.4, FortiClientWindows 7.2.0 through 7.2.12, FortiClientWindows 7.0 all versions may allow a local low-privilege attacker to perform an arbitrary file write with elevated permissions via crafted named pipe messages.

CVSS Score
7.1
High
EPSS Score
0.0
Exploit Probability
Published Date
2026-02-10
First Seen: 2026-02-11
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 53.4% of all 321,566 vulnerabilities in our database.

#149,865
Above average severity
Severity Percentile
đŸŽ¯ CISA SSVC Assessment Updated: Feb 10, 2026
🔍 Exploitation Status
None
No known exploits
⚙ī¸ Automatable
NO
Requires human interaction
đŸ’Ĩ Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-02-12
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CWE IDs (Weakness Types)
CWE-59

đŸ“Ļ Affected Products 2

Vendor Product Status Affected Versions
fortinet forticlient Affected
> 7.0.0 < 7.2.13
fortinet forticlient Affected
> 7.4.0 < 7.4.5

🔗 References 1

https://fortiguard.fortinet.com/psirt/FG-IR-25-661
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-44278 ℹī¸ low 2.3 0.0 A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindo... 2026-05-12
CVE-2026-24018 ⚠ī¸ high 7.8 0.0 A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinu... 2026-03-10
CVE-2025-46373 ⚠ī¸ high 7.8 0.0 A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, F... 2025-11-18
CVE-2025-47761 ⚠ī¸ high 7.8 0.0 An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7... 2025-11-18
CVE-2025-54660 đŸ”ļ medium 5.5 0.0 An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through ... 2025-11-18
CVE-2025-31365 đŸ”ļ medium 5.8 0.0 An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.... 2025-10-14
These CVEs affect the same products