{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39810", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2026-04-07T15:24:09.072Z", "datePublished": "2026-04-14T15:38:21.194Z", "dateUpdated": "2026-04-14T17:41:54.082Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiClientEMS", "cpes": ["cpe:2.3:a:fortinet:forticlientems:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.4.3", "lessThanOrEqual": "7.4.5", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.1", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T17:41:54.082Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-321", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to FortiClientEMS version 7.4.6 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-107", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-107"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-39810", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:25:24.721264Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:46:15.215Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-39810", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:25:24.721264Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:37:08.715Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:forticlientems:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticlientems:7.4.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiClientEMS", "versions": [{"status": "affected", "version": "7.4.3", "versionType": "semver", "lessThanOrEqual": "7.4.5"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.1"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to FortiClientEMS version 7.4.6 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-107", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-107"}], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T17:41:54.082Z"}}}, "cveMetadata": {"cveId": "CVE-2026-39810", "state": "PUBLISHED", "dateUpdated": "2026-04-14T17:41:54.082Z", "dateReserved": "2026-04-07T15:24:09.072Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2026-04-14T15:38:21.194Z", "assignerShortName": "fortinet"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump."}], "id": "CVE-2026-39810", "lastModified": "2026-04-17T15:11:35.840", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2026-04-14T16:16:45.173", "references": [{"source": "psirt@fortinet.com", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-107"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-321"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.4.3,7.4.5]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.4.0,7.4.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "inferred", "scores": [{"score": 100.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "FortiClientEMS", "source": "cna", "vendor": "Fortinet"}, "product": "forticlientems", "vendor": "fortinet"}], "analysis": {"en": {"generated_at": "2026-04-14T20:47:23.289855+00:00", "value": {"mitigation_remediation": ["Upgrade to FortiClientEMS version 7.4.6 or later."], "summary": {"action": "Patch Upgrade", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "Affected systems include Fortinet FortiClientEMS on all impacted releases: version 7.4.0, 7.4.1, 7.4.3, 7.4.4, and 7.4.5. Users running any of these versions should verify their deployment and assess whether the local database is at risk of being exposed.", "description_and_impact": "The vulnerability arises from the use of a hard\u2011coded cryptographic key in FortiClientEMS versions 7.4.0 through 7.4.5. This flaw allows an attacker to decrypt database dumps, potentially exposing sensitive information stored within the client database. The primary impact is the compromise of data confidentiality, as the decryption of the database would reveal user or system data that was intended to remain protected.", "risk_and_exploitability": "The CVSS score of 5.2 indicates a medium severity level. EPSS data is unavailable, and the vulnerability is not currently listed in the KEV catalog, implying that publicly known exploits are not recorded. Based on the description, it is inferred that the attacker would need to obtain a database dump and to use the hard\u2011coded key for decryption, meaning local or privileged access is likely required. Regardless, the confidentiality impact warrants prompt remediation through the recommended vendor update."}}}}, "created": "2026-04-15T14:41:09.657789+00:00", "title": "Hard\u2011coded Cryptographic Key Allows Information Disclosure in FortiClientEMS", "updated": "2026-04-15T15:30:06.817504+00:00", "vendors": ["fortinet", "fortinet$PRODUCT$forticlientems"]}