6
CVE-2026-39810
- EPSS 0.1%
- Veröffentlicht 14.04.2026 15:38:21
- Zuletzt bearbeitet 21.04.2026 17:18:59
- Quelle psirt@fortinet.com
- CVE-Watchlists
- Unerledigt
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ Forticlientems Version >= 7.4.0 < 7.4.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.011 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@fortinet.com | 6 | 0.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
|
CWE-321 Use of Hard-coded Cryptographic Key
The product uses a hard-coded, unchangeable cryptographic key.
https://fortiguard.fortinet.com/psirt/FG-IR-26-107