### [CVE-2021-32592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32592)
![](https://img.shields.io/static/v1?label=Product&message=Fortinet%20FortiClientWindows%2C%20FortiClientEMS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=FortiClientWindows%207.0.0%2C%206.4.6%20and%20below%2C%206.2.x%2C%206.0.x%3B%20FortiClientEMS%207.0.0%2C%206.4.6%20and%20below%2C%206.2.x%2C%206.0.x%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Execute%20unauthorized%20code%20or%20commands&color=brightgreen)

### Description

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/chnzzh/OpenSSL-CVE-lib