PT-2025-41963 · Fortinet · Forticlientmac

Published

2025-10-14

Updated

2025-10-16

CVE-2025-57741

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FortiClientMac versions 7.0 through 7.2.11 FortiClientMac versions 7.4.0 through 7.4.3

Description An incorrect permission assignment for a critical resource may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking. The flaw involves improper permission configurations that enable the execution of arbitrary code or commands.

Recommendations Update FortiClientMac to a version later than 7.2.11. Update FortiClientMac to a version later than 7.4.3.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

BDU:2026-05212

CVE-2025-57741

Affected Products

Forticlientmac

PT-2025-41963 · Fortinet · Forticlientmac

CVE-2025-57741

Weakness Enumeration

Related Identifiers

Affected Products

References · 7