Basic version of FortiClient VPN asks to give full disk permission

For some time now, I’ve been using FortiClient (Console) to connect to VPNs. The application is working just fine, so why does Fortinet ask me every 3 days to give it Full Disk Access in order to “enhance security”? I don’t think giving a VPN client full disk access would improve my security—in fact, I believe it could do the opposite.

As far as I know, the fctservctl component is responsible for communications and security operations. I understand giving this permission to a solution that includes advanced features like device scanning, antivirus, and endpoint protection. However, even with the upgraded version of FortiClient, which offers extended capabilities, I still don’t see why it requires this level of access specifically for VPN functionality.

This version acknowledges the upgraded capabilities while questioning the necessity of Full Disk Access for the VPN features.

I found this post from 2 years ago:

https://www.reddit.com/r/fortinet/comments/107eovh/fortinets_vpnonly_software_constantly_asking_for/

It mentions it was also an issue 4 years ago.

It’s possibly a hangover from the vulnerability scanning portions of the fuller versions of the client, though it should obviously not be present in the VPN only version.

Seriously, this is very annoying.

Yeah bad deal on Fortinet part.

The app developer might not be very interested in delivering quality services, I guess.