FortiClient - Lack of client-side certificate validation in ZTNA service

Summary

An improper certificate validation vulnerability [CWE-295] in FortiClientWindows, FortiClientLinux and FortiClientMac may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation.
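To make the vulnerability class concrete, the following is an added example (not FortiClient or FortiGate code) of what "client-side certificate validation" means for a ZTNA-style client in Python's standard ssl module. It places the weak TLS client configuration, in which any gateway certificate is accepted, beside the hardened one, and adds the application-level checks a client should apply to the peer certificate it receives: validity period, a subjectAltName matching the gateway hostname, and the expected issuing CA. The gateway hostname, issuer name and sample certificates are constructed placeholders, not values from the advisory.

```python
"""Added example: weak vs. hardened TLS client validation for a ZTNA gateway.
Not FortiClient code; hostnames, CA names and certificates are constructed."""
import ssl
from datetime import datetime, timezone
from typing import Optional, Tuple

# Placeholder policy values (assumptions for this example, not from the advisory).
GATEWAY_HOST = "ztna-gw.example.internal"
EXPECTED_ISSUER_CN = "Example ZTNA Gateway CA"
REFERENCE_TIME = datetime(2025, 1, 1, tzinfo=timezone.utc)  # fixed clock for the samples


def weak_client_context() -> ssl.SSLContext:
    """The vulnerable pattern: the tunnel is encrypted, but whatever certificate
    the peer presents is accepted, so an on-path party can terminate it with
    a certificate of their own and the client cannot tell the difference."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """The fixed pattern: the chain must end at a trusted CA (only those in
    ca_bundle when given, otherwise the platform store) and the hostname must
    match; the handshake fails closed otherwise."""
    ctx = ssl.create_default_context(cafile=ca_bundle)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def validation_enforced(ctx: ssl.SSLContext) -> bool:
    """True only when the library will reject an unverifiable peer."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def _host_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style match: exact, or one wildcard covering the leftmost label only."""
    pattern, host = pattern.lower(), host.lower()
    if pattern == host:
        return True
    if pattern.startswith("*."):
        p_labels, h_labels = pattern.split("."), host.split(".")
        return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]
    return False


def certificate_acceptable(cert: dict, expected_host: str, expected_issuer_cn: str,
                           now: Optional[datetime] = None) -> Tuple[bool, str]:
    """Policy checks on the peer certificate, using the dict layout returned by
    ssl.SSLSocket.getpeercert(). These sit on top of chain verification
    (CERT_REQUIRED), not in place of it: the issuer name here is only a claim
    until the library has checked the signature chain."""
    now_s = (now or datetime.now(timezone.utc)).timestamp()
    if now_s < ssl.cert_time_to_seconds(cert["notBefore"]):
        return False, "certificate not yet valid"
    if now_s > ssl.cert_time_to_seconds(cert["notAfter"]):
        return False, "certificate expired"
    dns_names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(_host_matches(n, expected_host) for n in dns_names):
        return False, "hostname not in subjectAltName"
    issuer = {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}
    if issuer.get("commonName") != expected_issuer_cn:
        return False, "issuer is not the expected gateway CA"
    return True, "ok"


def _cert(issuer_cn: str, sans, not_after: str = "Sep 10 00:00:00 2026 GMT") -> dict:
    """Build a constructed getpeercert()-style dict for the samples below."""
    return {
        "notBefore": "Sep 10 00:00:00 2024 GMT",
        "notAfter": not_after,
        "subjectAltName": tuple(("DNS", s) for s in sans),
        "issuer": ((("commonName", issuer_cn),),),
    }


# Constructed sample certificates: one genuine, three a validating client must refuse.
SAMPLE_CERTS = {
    "genuine": _cert(EXPECTED_ISSUER_CN, [GATEWAY_HOST]),
    "untrusted_issuer": _cert("Some Other CA", [GATEWAY_HOST]),   # right name, wrong chain
    "wrong_name": _cert(EXPECTED_ISSUER_CN, ["other.example.internal"]),
    "expired": _cert(EXPECTED_ISSUER_CN, [GATEWAY_HOST], "Sep 10 00:00:00 2024 GMT"),
}


def audit_samples(now: datetime = REFERENCE_TIME) -> dict:
    """Run the policy check over every sample and return name -> (accepted, reason)."""
    return {name: certificate_acceptable(c, GATEWAY_HOST, EXPECTED_ISSUER_CN, now)
            for name, c in SAMPLE_CERTS.items()}


if __name__ == "__main__":
    print("weak context enforces validation:    ", validation_enforced(weak_client_context()))
    print("hardened context enforces validation:", validation_enforced(hardened_client_context()))
    for name, verdict in audit_samples().items():
        print(f"{name:17s} -> {verdict}")
```

The point the weak context illustrates is the one in the summary: encryption without authentication of the peer gives an on-path party a tunnel endpoint it controls. The hardened context fails the handshake instead, and the policy function shows the additional decisions (hostname, issuer, validity window) a client makes after the library has verified the chain.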

Version                  Affected                  Solution
FortiClientLinux 7.4     Not affected              Not Applicable
FortiClientLinux 7.2     7.2.0                     Upgrade to 7.2.1 or above
FortiClientLinux 7.0     7.0.0 through 7.0.11      Upgrade to 7.0.12 or above
FortiClientLinux 6.4     Not affected              Not Applicable
FortiClientMac 7.4       Not affected              Not Applicable
FortiClientMac 7.2       7.2.0 through 7.2.4       Upgrade to 7.2.5 or above
FortiClientMac 7.0       7.0.0 through 7.0.11      Upgrade to 7.0.12 or above
FortiClientMac 6.4       Not affected              Not Applicable
FortiClientWindows 7.4   Not affected              Not Applicable
FortiClientWindows 7.2   7.2.0 through 7.2.2       Upgrade to 7.2.3 or above
FortiClientWindows 7.0   7.0.0 through 7.0.11      Upgrade to 7.0.12 or above
FortiClientWindows 6.4   Not affected              Not Applicable

Acknowledgement

Fortinet is pleased to thank Christian Hilgers from indevis IT-Consulting and Solutions GmbH for reporting this vulnerability under responsible disclosure.

Timeline

2024-09-10: Initial publication