CVE-2015-1453

CVE Database · CVE-2015-1453

CVE-2015-1453

· N/AModified

CVSS v3.1

N/A

EPSS

0.77%

Published

Feb 2, 2015

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.

Weaknesses (CWE)

CWE-310

Affected Products (1)

fortinet · forticlientvulnerable

References (6)

http://seclists.org/fulldisclosure/2015/Jan/124

Exploit

http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiClient_Multiple_Vulnerabilities.pdf

Exploit

http://www.securityfocus.com/bid/72383

http://seclists.org/fulldisclosure/2015/Jan/124

Exploit

http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiClient_Multiple_Vulnerabilities.pdf

Exploit

http://www.securityfocus.com/bid/72383

KEV Catalog EPSS Scores Vendors All CVEs