CVE-2026-39810 | THREATINT

Description

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump.

PUBLISHED Reserved 2026-04-07 | Published 2026-04-14 | Updated 2026-04-14 | Assigner fortinet

MEDIUM: 5.2CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

Problem types

Information disclosure

Product status

Default status

unaffected

7.4.3 (semver)

affected

7.4.0 (semver)

affected

References

fortiguard.fortinet.com/psirt/FG-IR-26-107

cve.org (CVE-2026-39810)

nvd.nist.gov (CVE-2026-39810)

Download JSON