Man-in-the-Middle Vulnerability in FortiGuard Services for Fortinet Products
CVE-2018-9195
Key Information:
- Vendor: Fortinet
- CVE Published: 21 November 2019
What is CVE-2018-9195?
CVE-2018-9195 stems from the use of a hardcoded cryptographic key in the FortiGuard services communication protocol. An attacker who knows the key can mount a Man-in-the-Middle attack to intercept, eavesdrop on, and potentially alter data transmitted between Fortinet products and FortiGuard servers. This includes traffic for the URL/SPAM services in FortiOS versions 5.6 and 6.0, as well as the URL rating functionality in FortiClient. Immediate action is recommended to mitigate risks associated with unauthorized access to sensitive information.
Affected Version(s)
- FortiClient for Mac OS: 6.2.1 and below
- FortiClient for Windows: 6.0.6 and below
- FortiOS: 6.0.7 and below