FortiClient SSL-VPN versions 5.4 and below suffer from a clear text password memory extraction vulnerability.