Vulnerability Details CVE-2025-24473
An exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortinet FortiClientWindows 7.2.0 through 7.2.1 and FortiClientWindows 7.0.13 through 7.0.14 may allow an unauthorized remote attacker to view application information via navigation to a hosted webpage, if Windows is configured to accept incoming connections to port 8053 (non-default setup).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.4%
CVSS Severity
CVSS v3 Score 3.7
Products affected by CVE-2025-24473
- cpe:2.3:a:fortinet:forticlient:7.2.0
- cpe:2.3:a:fortinet:forticlient:7.2.1