PT-2015-5293 · Fortinet · Forticlient
Denis Andzakovic · Published 2015-02-02 · Updated 2015-11-30 · CVE-2015-1453
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
FortiClient version 5.2.3.091
Description
The issue concerns the use of a hardcoded encryption key in the qm class, which can be leveraged by attackers to decrypt sensitive data, including passwords, stored in the Shared Preferences.
Recommendations
For FortiClient version 5.2.3.091, consider updating to a newer version that does not use a hardcoded encryption key, or contact the vendor for specific guidance on securing the affected component. As a temporary workaround, restrict access to sensitive data stored in the Shared Preferences to minimize the risk of exploitation.
Affected Products
Forticlient