FortiClientEMS & FortiClient - Telemetry protocol is vulnerable to a MitM Vulnerability
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-21-075
Final
1
1
2021-12-07T00:00:00
Current version
2021-12-07T00:00:00
2021-12-07T00:00:00
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac may allow an unauthenticated, network-adjacent attacker to perform a man-in-the-middle attack between the EMS and the FortiClient endpoint (FCT) over the telemetry protocol.
None
Improper access control
FortiClientEMS version 7.0.1 and below.
FortiClientEMS version 6.4.6 and below.
FortiClientWindows version 7.0.1 and below.
FortiClientWindows version 6.4.6 and below.
FortiClientLinux version 7.0.1 and below.
FortiClientLinux version 6.4.6 and below.
FortiClientMac version 7.0.1 and below.
FortiClientMac version 6.4.6 and below.
Please upgrade to FortiClientEMS version 7.0.2 or above.
Please upgrade to FortiClientEMS version 6.4.7 or above.
Please upgrade to FortiClientWindows version 7.0.2 or above.
Please upgrade to FortiClientWindows version 6.4.7 or above.
Please upgrade to FortiClientLinux version 7.0.2 or above.
Please upgrade to FortiClientLinux version 6.4.7 or above.
Please upgrade to FortiClientMac version 7.0.2 or above.
Please upgrade to FortiClientMac version 6.4.7 or above.
Fortinet is pleased to thank Steven Shockley for reporting this vulnerability under responsible disclosure.
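The advisory gives no protocol details, so the following is an added, generic illustration of the client-side half of the problem (the improper certificate validation, CWE-297), not Fortinet code and not a reconstruction of the FortiClient telemetry protocol; the hard-coded key on the EMS side (CWE-321) is not modelled. Two loopback TLS servers are started in-process, both presenting a certificate for the hypothetical name ems.example: one is the "genuine" EMS, the other an impostor with its own key, standing in for the endpoint a network-adjacent attacker redirects the client to. A client that skips verification completes a handshake with the impostor; a client that pins the deployment's own EMS certificate as its only trust anchor and checks the expected name rejects the impostor while still reaching the genuine server. Host name, serial numbers and the self-signed certificates are all constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// startServer generates an in-memory self-signed certificate for host (a demo
// helper; a real EMS certificate is provisioned out of band), listens on loopback
// and completes a TLS handshake with every client. Setup failures abort the demo.
func startServer(host string, serial int64) (string, []byte) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: host},
		DNSNames:              []string{host},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	cert := tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		panic(err)
	}
	go func() {
		for {
			c, err := ln.Accept()
			if err != nil {
				return
			}
			go func() { defer c.Close(); _ = c.(*tls.Conn).Handshake() }()
		}
	}()
	return ln.Addr().String(), der
}

// handshake dials addr with cfg; a nil error means the client accepted the server.
func handshake(addr string, cfg *tls.Config) error {
	conn, err := tls.Dial("tcp", addr, cfg)
	if err != nil {
		return err
	}
	return conn.Close()
}

// Outcome records how each client configuration fared against each server.
type Outcome struct {
	WeakAcceptsImpostor   bool // CWE-297 style client handshakes with the impostor
	StrictRejectsImpostor bool // pinned-trust client refuses it as an unknown authority
	StrictAcceptsGenuine  bool // and still reaches the genuine server
}

// RunScenario starts a genuine server and an impostor that both claim the
// same hostname, then runs a weak and a strict client against each.
func RunScenario() Outcome {
	const host = "ems.example" // hypothetical EMS name, not a real host
	genuineAddr, genuineDER := startServer(host, 1)
	impostorAddr, _ := startServer(host, 2) // attacker's own key, same name
	// Weak client: the session is encrypted but nobody is authenticated, so
	// whichever endpoint a network-adjacent attacker redirects us to wins.
	weak := &tls.Config{InsecureSkipVerify: true}
	// Strict client: trust exactly the certificate provisioned for this EMS and
	// check the expected name. Name matching alone would not help here, because
	// the impostor's certificate carries the same name.
	leaf, err := x509.ParseCertificate(genuineDER)
	if err != nil {
		panic(err)
	}
	roots := x509.NewCertPool()
	roots.AddCert(leaf)
	strict := &tls.Config{RootCAs: roots, ServerName: host, MinVersion: tls.VersionTLS12}

	var out Outcome
	var unknownCA x509.UnknownAuthorityError
	out.WeakAcceptsImpostor = handshake(impostorAddr, weak) == nil
	out.StrictRejectsImpostor = errors.As(handshake(impostorAddr, strict), &unknownCA)
	out.StrictAcceptsGenuine = handshake(genuineAddr, strict) == nil
	return out
}

func main() {
	fmt.Printf("%+v\n", RunScenario())
}
```

The point of the strict configuration is that it binds the client to a specific trust anchor rather than to a name: an attacker who can intercept traffic can always mint a certificate carrying the right name, so the only thing that stops the impostor is a signature check against something the attacker does not hold. The same logic applies whether the anchor is a private CA or, as here, the EMS certificate itself; what matters is that the client never falls back to accepting any certificate.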
FortiClientEMS 7.0.1
FortiClientEMS 7.0.0
FortiClientEMS 6.4.4
FortiClientEMS 6.4.3
FortiClientEMS 6.4.2
FortiClientEMS 6.4.1
FortiClientEMS 6.4.0
FortiClientEMS 6.2.9
FortiClientEMS 6.2.8
FortiClientEMS 6.2.7
FortiClientEMS 6.2.6
FortiClientEMS 6.2.4
FortiClientEMS 6.2.3
FortiClientEMS 6.2.2
FortiClientEMS 6.2.1
FortiClientEMS 6.2.0
FortiClientLinux 7.0.1
FortiClientLinux 7.0.0
FortiClientLinux 6.4.4
FortiClientLinux 6.4.3
FortiClientLinux 6.4.2
FortiClientLinux 6.4.1
FortiClientLinux 6.4.0
FortiClientLinux 6.2.9
FortiClientLinux 6.2.8
FortiClientLinux 6.2.7
FortiClientLinux 6.2.6
FortiClientLinux 6.2.4
FortiClientLinux 6.2.3
FortiClientLinux 6.2.2
FortiClientLinux 6.2.1
FortiClientLinux 6.2.0
FortiClientMac 7.0.1
FortiClientMac 7.0.0
FortiClientMac 6.4.6
FortiClientMac 6.4.5
FortiClientMac 6.4.4
FortiClientMac 6.4.3
FortiClientMac 6.4.2
FortiClientMac 6.4.1
FortiClientMac 6.4.0
FortiClientMac 6.2.9
FortiClientMac 6.2.8
FortiClientMac 6.2.7
FortiClientMac 6.2.6
FortiClientMac 6.2.5
FortiClientMac 6.2.4
FortiClientMac 6.2.3
FortiClientMac 6.2.2
FortiClientMac 6.2.1
FortiClientMac 6.2.0
FortiClientMac 6.0.10
FortiClientMac 6.0.9
FortiClientMac 6.0.8
FortiClientMac 6.0.7
FortiClientMac 6.0.6
FortiClientMac 6.0.5
FortiClientMac 6.0.4
FortiClientMac 6.0.3
FortiClientMac 6.0.2
FortiClientMac 6.0.1
FortiClientWindows 7.0.1
FortiClientWindows 7.0.0
FortiClientWindows 6.4.6
FortiClientWindows 6.4.5
FortiClientWindows 6.4.4
FortiClientWindows 6.4.3
FortiClientWindows 6.4.2
FortiClientWindows 6.4.1
FortiClientWindows 6.4.0
FortiClientWindows 6.2.9
FortiClientWindows 6.2.8
FortiClientWindows 6.2.7
FortiClientWindows 6.2.6
FortiClientWindows 6.2.5
FortiClientWindows 6.2.4
FortiClientWindows 6.2.3
FortiClientWindows 6.2.2
FortiClientWindows 6.2.1
FortiClientWindows 6.2.0
FortiClientWindows 6.0.10
FortiClientWindows 6.0.9
FortiClientWindows 6.0.8
FortiClientWindows 6.0.7
FortiClientWindows 6.0.6
FortiClientWindows 6.0.5
FortiClientWindows 6.0.4
FortiClientWindows 6.0.3
FortiClientWindows 6.0.2
FortiClientWindows 6.0.1
FortiClientWindows 6.0.0
CVE-2021-41028
CVSSv3 Score: 8
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H/E:F/RL:U/RC:C
https://fortiguard.fortinet.com/psirt/FG-IR-21-075