Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
eliasz28
New Contributor

Created on ‎03-19-2025 02:33 AM

FortiClient VPN v7.4.2.1737 Using EOL Version of OpenSSL Library v3.1.7

Hello Fortinet Community,

I recently updated to the latest version of FortiClient VPN v7.4.2.1737 software and noticed that it is using an End-of-Life (EOL) version of the OpenSSL library, specifically v3.1.7. Given the importance of maintaining up-to-date security protocols, I am concerned about the potential vulnerabilities associated with using an outdated library.

Could anyone provide information on whether Fortinet has plans to address this issue in upcoming updates? Is there a timeline for when a fix might be implemented?

The affected paths are:
c:\program files\fortinet\forticlient\libcrypto-3-x64.dll
c:\program files\fortinet\forticlient\libssl-3-x64.dll
c:\program files\fortinet\forticlient\x86\libcrypto-3.dll
c:\program files\fortinet\forticlient\x86\libssl-3.dll



Labels:
134
0 Kudos
2 REPLIES 2
MZBZ
Staff
Staff

Created on ‎03-19-2025 08:42 PM

FortiClient 7.4.2 was released before EOL date of OpenSSL 3.1 (2025-03-14)

https://openssl-library.org/policies/releasestrat/

Newer versions will use updated library files if required.

M. B.
93
0 Kudos
MZBZ
Staff
Staff

Created on ‎03-21-2025 05:32 PM Edited on ‎03-21-2025 05:32 PM

OpenSSL libraries will be updated in the next release of FortiClient.

Thank you for reporting this.

M. B.
32
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.