EUVD-2026-29730
Use of Hard-coded Cryptographic Key (CWE-321)
GHSA-5f54-54jr-q897
2.3
CVSS 3.1
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Lifecycle Timeline
3
CVSS changed
May 12, 2026 - 18:22 NVD
2.1 (LOW)
2.3 (LOW)
Analysis Generated
May 12, 2026 - 18:01 vuln.today
CVE Published
May 12, 2026 - 16:54 nvd
LOW 2.1
DescriptionNVD
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert attack vector here>
AnalysisAI
Fortinet FortiClient Windows versions 7.2 (all) and 7.4.0 through 7.4.2 contain a hard-coded cryptographic key vulnerability that allows high-privileged local attackers to disclose sensitive information. The vulnerability requires local access and administrator-level privileges, limiting its real-world exploitation scope to threats already present on compromised systems or malicious insiders. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).