Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • EMS Release Notes

    Home FortiClient 7.2.5 EMS Release Notes
    7.2.5
    7.4.1
    7.4.0
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.9
    6.4.8
    6.4.7
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.8
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.2.5. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

    Administration

    Bug ID

    Description
    1036509 EMS does not log administrator out of GUI based on the configured inactivity timeout when specific widgets are added.

    Install and upgrade

    Bug ID

    Description
    985789 After upgrade to FortiClient Cloud 7.2.2, user cannot sync domain.
    1010309 AD sync does not work since upgrade from EMS 7.2.3.

    Dashboard

    Bug ID

    Description
    974187 Number of endpoints under Out of Sync in EMS dashboard differ from out of sync endpoints under Endpoints pane.
    976000 FortiClient version widget sort order is incorrect due to string comparison.
    978588 EMS widgets in the dashboard never update.

    Endpoint management

    Bug ID

    Description
    917374 The invitation code count does not decrease when endpoints are deleted from EMS.
    974761 LDAP sync issue Cannot insert duplicate key in object 'dbo.FortiClients_users'. occurs.
    981669 Enforced onboarding may cause FortiClient on mobile devices to unregister from EMS.
    987356 User cannot move endpoints between groups on EMS.
    995512 EMS fails to delete domain and shows server error message.
    998207 EMS shows some endpoint users as No User.
    999617 In hybrid Active Directory (AD) environment, devices on EMS have two users (UPN and SAMAccountName).
    1010142 When the hostname of an Azure endpoint changes, EMS creates a duplicate entry and cannot manage the endpoint properly.
    1010861 EMS LDAP sync error failed to update database sync object tables occurs.
    1012080 Exported endpoints CSV list shows incorrect remote IP address for some endpoints.
    1018643 Incorrect username shows for several endpoints in EMS GUI due to | in USR_NAME.
    1019542 EMS shows wrong username associated with endpoint.
    1027417 Incorrectly selected user record.
    1027527 Exporting CSV for filtered endpoint list does not work.
    1028852 FortiClient Cloud Endpoints pane shows No User or incorrect username.
    1030908 EMS does not display correct username on endpoint information for macOS device.
    1032058 EMS displays multiple FortiClients as out-of-sync unless marked as uninstalled.
    1034831 EMS fails to run group assignment rule due to Data Access Server Error, Error: DAS returned error: Internal error error.
    1040963 Social user information processing fails due to : in USR_NAME.
    1056690 Hostname of the endpoint device is blank.

    Endpoint policy and profile

    Bug ID

    Description
    868534 Web Filter profile synced from FortiGate keeps disabled status links in the exception list.
    976029 EMS sends REVOKE when profile changes.
    984437 EMS fails to assign Microsoft Entra ID user-based policy.
    1002075 EMS does not update assigned policy or deployment package after GAR triggers.
    1006059 EMS Azure security groups do not match with users correctly.
    1017064 Endpoints do not get the correct profile.
    1020480 EMS does not assign device a group_container_parent, resulting in no endpoint policy assigned.
    1037992 EMS cannot import Web Filter profile from a particular administrative domain in FortiManager.

    Fortinet Security Fabric devices

    Bug ID

    Description
    986035 EMS /FortiGate API message change causes EMS to no longer support FortiOS 7.2.
    990863 Zero trust network access (ZTNA) tags do not sync correctly between non-default EMS site and FortiGate.
    1058260 Due to FortiClient keepalive and tag worker timing, tag notifications can be missed when FortiClient comes online.

    Remote Access - SSL VPN

    Bug ID

    Description
    1044769 FortiClient fails to establish VPN connection if it cannot reach the internet until <disable_internet_check> is enabled.

    Vulnerability Scan

    Bug ID

    Description
    954584 EMS reports endpoint vulnerability when Vulnerability Scan feature is disabled or not installed on endpoint.

    Multitenancy

    Bug ID

    Description
    1052268 Site disappears from EMS after renaming.

    Onboarding

    Bug ID

    Description
    989006 Azure external user SAML authorization has issue with # character in the name.
    997697 EMS denies endpoint registration attempt due to LDAP authentication failure.

    Deployment and installers

    Bug ID

    Description
    773672 Disabling installer ID in FortiClient installer does not take effect.
    982536 When Entra ID device belongs to two Entra ID groups, deployment policy cannot match the endpoint.
    1029510 EMS does not remove deployment checkmark when moving endpoints out of deployment groups.

    Zero Trust tagging

    Bug ID

    Description
    1003279 ZTNA AD tag evaluated on EMS does not work as expected with hybrid AD environment.
    1008496 AD group zero trust tag rule stops working.
    1024820 Deleting ZTNA tags temporarily unassigns other tags.
    1037111 Zero Trust tagging rules do not allow for custom operating system versions.
    1056225 EMS cannot use domain tag in Azure hybrid domain environment.

    Endpoint control

    Bug ID

    Description
    999081 When pushing endpoint certificates EMS also pushes ZCONF when that configuration is already up-to-date for the endpoint.
    1002476 Disconnecting FortiClient from EMS using password does not work.
    1014009 EMS blocks new reimaged renamed device from connecting to EMS when it is not in the endpoint list.

    Performance

    Bug ID

    Description
    955037 Searching for an endpoint takes up to five minutes.

    Logs

    Bug ID

    Description
    956383 Log files are not rotated based on log settings from the GUI.

    Upgrade

    Bug ID

    Description
    990711 Duplicate rule names display in ZTNA Destination after upgrading EMS from 7.2.2 to 7.2.3.
    993235 After upgrading EMS from 7.2.1 to 7.2.3, FortiClient does not link the IP and MAC address information of the PC to the FortiGate.

    GUI

    Bug ID

    Description
    987768 Zero Trust Tag Monitor page has GUI issues.
    987926 Vulnerability Events are not visible on EMS GUI.
    1004777 Invitations page displays error: Server encountered an error.

    System Settings

    Bug ID

    Description
    864900 Endpoint alerts send multiple emails for the same alert.
    1019744 Signature and new installer download fails when Enable SSL is enabled in FortiGuard Services.
    1045221 EMS fails to renew ACME certificate due to "Default.fems.fsg-hosting.com": Domain name contains an invalid character error.

    Zero Trust Telemetry

    Bug ID

    Description
    1023404 Classification tags IP address information does not update on FortiGate unless user deletes and readds tag on EMS.

    Other

    Bug ID

    Description
    872871 CSV export file is missing some fields.
    914170 Allowlist & Restore option is missing under Quarantine Management.
    976654 User cannot restore EMS from backup for same patch with different interim build number.
    1019826 When a FortiClient switches VPN IP addresses, EMS receives the new IP address, then drops both connection entries in the database.

    Common Vulnerabilities and Exposures

    Bug ID

    Description

    959857

    FortiClient EMS 7.2.5 is no longer vulnerable to the following CVE References:

    • CVE-2024-21753

    Visit https://fortiguard.com/psirt for more information.

    1024586

    FortiClient EMS 7.2.5 is no longer vulnerable to the following CVE References:

    • CVE-2024-33508

    Visit https://fortiguard.com/psirt for more information.
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.2.5. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

    Administration

    Bug ID

    Description
    1036509 EMS does not log administrator out of GUI based on the configured inactivity timeout when specific widgets are added.

    Install and upgrade

    Bug ID

    Description
    985789 After upgrade to FortiClient Cloud 7.2.2, user cannot sync domain.
    1010309 AD sync does not work since upgrade from EMS 7.2.3.

    Dashboard

    Bug ID

    Description
    974187 Number of endpoints under Out of Sync in EMS dashboard differ from out of sync endpoints under Endpoints pane.
    976000 FortiClient version widget sort order is incorrect due to string comparison.
    978588 EMS widgets in the dashboard never update.

    Endpoint management

    Bug ID

    Description
    917374 The invitation code count does not decrease when endpoints are deleted from EMS.
    974761 LDAP sync issue Cannot insert duplicate key in object 'dbo.FortiClients_users'. occurs.
    981669 Enforced onboarding may cause FortiClient on mobile devices to unregister from EMS.
    987356 User cannot move endpoints between groups on EMS.
    995512 EMS fails to delete domain and shows server error message.
    998207 EMS shows some endpoint users as No User.
    999617 In hybrid Active Directory (AD) environment, devices on EMS have two users (UPN and SAMAccountName).
    1010142 When the hostname of an Azure endpoint changes, EMS creates a duplicate entry and cannot manage the endpoint properly.
    1010861 EMS LDAP sync error failed to update database sync object tables occurs.
    1012080 Exported endpoints CSV list shows incorrect remote IP address for some endpoints.
    1018643 Incorrect username shows for several endpoints in EMS GUI due to | in USR_NAME.
    1019542 EMS shows wrong username associated with endpoint.
    1027417 Incorrectly selected user record.
    1027527 Exporting CSV for filtered endpoint list does not work.
    1028852 FortiClient Cloud Endpoints pane shows No User or incorrect username.
    1030908 EMS does not display correct username on endpoint information for macOS device.
    1032058 EMS displays multiple FortiClients as out-of-sync unless marked as uninstalled.
    1034831 EMS fails to run group assignment rule due to Data Access Server Error, Error: DAS returned error: Internal error error.
    1040963 Social user information processing fails due to : in USR_NAME.
    1056690 Hostname of the endpoint device is blank.

    Endpoint policy and profile

    Bug ID

    Description
    868534 Web Filter profile synced from FortiGate keeps disabled status links in the exception list.
    976029 EMS sends REVOKE when profile changes.
    984437 EMS fails to assign Microsoft Entra ID user-based policy.
    1002075 EMS does not update assigned policy or deployment package after GAR triggers.
    1006059 EMS Azure security groups do not match with users correctly.
    1017064 Endpoints do not get the correct profile.
    1020480 EMS does not assign device a group_container_parent, resulting in no endpoint policy assigned.
    1037992 EMS cannot import Web Filter profile from a particular administrative domain in FortiManager.

    Fortinet Security Fabric devices

    Bug ID

    Description
    986035 EMS /FortiGate API message change causes EMS to no longer support FortiOS 7.2.
    990863 Zero trust network access (ZTNA) tags do not sync correctly between non-default EMS site and FortiGate.
    1058260 Due to FortiClient keepalive and tag worker timing, tag notifications can be missed when FortiClient comes online.

    Remote Access - SSL VPN

    Bug ID

    Description
    1044769 FortiClient fails to establish VPN connection if it cannot reach the internet until <disable_internet_check> is enabled.

    Vulnerability Scan

    Bug ID

    Description
    954584 EMS reports endpoint vulnerability when Vulnerability Scan feature is disabled or not installed on endpoint.

    Multitenancy

    Bug ID

    Description
    1052268 Site disappears from EMS after renaming.

    Onboarding

    Bug ID

    Description
    989006 Azure external user SAML authorization has issue with # character in the name.
    997697 EMS denies endpoint registration attempt due to LDAP authentication failure.

    Deployment and installers

    Bug ID

    Description
    773672 Disabling installer ID in FortiClient installer does not take effect.
    982536 When Entra ID device belongs to two Entra ID groups, deployment policy cannot match the endpoint.
    1029510 EMS does not remove deployment checkmark when moving endpoints out of deployment groups.

    Zero Trust tagging

    Bug ID

    Description
    1003279 ZTNA AD tag evaluated on EMS does not work as expected with hybrid AD environment.
    1008496 AD group zero trust tag rule stops working.
    1024820 Deleting ZTNA tags temporarily unassigns other tags.
    1037111 Zero Trust tagging rules do not allow for custom operating system versions.
    1056225 EMS cannot use domain tag in Azure hybrid domain environment.

    Endpoint control

    Bug ID

    Description
    999081 When pushing endpoint certificates EMS also pushes ZCONF when that configuration is already up-to-date for the endpoint.
    1002476 Disconnecting FortiClient from EMS using password does not work.
    1014009 EMS blocks new reimaged renamed device from connecting to EMS when it is not in the endpoint list.

    Performance

    Bug ID

    Description
    955037 Searching for an endpoint takes up to five minutes.

    Logs

    Bug ID

    Description
    956383 Log files are not rotated based on log settings from the GUI.

    Upgrade

    Bug ID

    Description
    990711 Duplicate rule names display in ZTNA Destination after upgrading EMS from 7.2.2 to 7.2.3.
    993235 After upgrading EMS from 7.2.1 to 7.2.3, FortiClient does not link the IP and MAC address information of the PC to the FortiGate.

    GUI

    Bug ID

    Description
    987768 Zero Trust Tag Monitor page has GUI issues.
    987926 Vulnerability Events are not visible on EMS GUI.
    1004777 Invitations page displays error: Server encountered an error.

    System Settings

    Bug ID

    Description
    864900 Endpoint alerts send multiple emails for the same alert.
    1019744 Signature and new installer download fails when Enable SSL is enabled in FortiGuard Services.
    1045221 EMS fails to renew ACME certificate due to "Default.fems.fsg-hosting.com": Domain name contains an invalid character error.

    Zero Trust Telemetry

    Bug ID

    Description
    1023404 Classification tags IP address information does not update on FortiGate unless user deletes and readds tag on EMS.

    Other

    Bug ID

    Description
    872871 CSV export file is missing some fields.
    914170 Allowlist & Restore option is missing under Quarantine Management.
    976654 User cannot restore EMS from backup for same patch with different interim build number.
    1019826 When a FortiClient switches VPN IP addresses, EMS receives the new IP address, then drops both connection entries in the database.

    Common Vulnerabilities and Exposures

    Bug ID

    Description

    959857

    FortiClient EMS 7.2.5 is no longer vulnerable to the following CVE References:

    • CVE-2024-21753

    Visit https://fortiguard.com/psirt for more information.

    1024586

    FortiClient EMS 7.2.5 is no longer vulnerable to the following CVE References:

    • CVE-2024-33508

    Visit https://fortiguard.com/psirt for more information.
    Previous
    Next