OR
     *cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* versions from (including) 6.0.0 up to (including) 6.0.9
     *cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* versions from (including) 6.2.0 up to (including) 6.2.9
     *cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* versions from (including) 6.4.0 up to (excluding) 6.4.7
     *cpe:2.3:a:fortinet:forticlient:7.0.0:*:*:*:*:windows:*:*
     *cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:* versions from (including) 6.0.0 up to (including) 6.0.6
     *cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:* versions from (including) 6.2.0 up to (including) 6.2.9
     *cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:* versions from (including) 6.4.0 up to (excluding) 6.4.7
     *cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.0:*:*:*:*:*:*:*

NIST (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Victim must voluntarily interact with attack mechanism

NIST AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

NIST CWE-427

https://fortiguard.com/advisory/FG-IR-21-088 No Types Assigned

https://fortiguard.com/advisory/FG-IR-21-088 Vendor Advisory