Security advisories

Forticlient VPN Credentials Vulnerable

February 26, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

Individuals using Fortinet FortiClient for Windows, Mac OSX and Linux may be vulnerable to having their encrypted VPN credentials stolen and decrypted. This attack would allow threat actors to access any material that the user could access over a VPN connection. The vulnerable versions include version 4.4.2332 on Linux, version 5.6.0.1075 on Windows as well as version 5.6.0.703 on Mac OSX. A consulting company discovered the vulnerability earlier this year and, after assisting Fortinet with patching the issues, has released its technical review [1].

What we’re doing about it

What you should do about it

Additional information

[1] https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html

View Most Recent Advisories