FortiClient Zero-Day Vulnerability Allows Remote Man-in-the-Middle Attacks
CVE-2024-31489

8.1HIGH

Key Information:

Vendor: Fortinet
Status: Forticlientmac; Forticlientems; Forticlientlinux; Forticlientwindows
Vendor: CVE Published:; 10 September 2024

What is CVE-2024-31489?

An improper certificate validation vulnerability in Fortinet's FortiClient software allows remote, unauthenticated attackers to exploit the communication channel between FortiGate and FortiClient during ZTNA tunnel creation. This flaw can potentially enable a Man-in-the-Middle attack, where attackers could intercept and manipulate data in transit, compromising the integrity and confidentiality of sensitive information exchanged during secure connections.

Affected Version(s)

FortiClientEMS 7.0.0 <= 7.0.13

FortiClientLinux 7.2.0

FortiClientLinux 7.0.0 <= 7.0.11

References

https://fortiguard.fortinet.com/psirt/FG-IR-22-282

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2024
Vulnerability Reserved
Apr 4, 2024