PT-2024-9819 · Fortinet · FortiClientWindows and 4 other products

Published: 2024-09-10 · Updated: 2024-09-26 · CVE-2022-45856

CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
FortiClientWindows versions 6.4 through 7.0.7
FortiClientMac versions 6.4 through 7.2.4
FortiClientLinux versions 6.4 through 7.2.4
FortiClientAndroid versions 6.4 through 7.2.0
FortiClientiOS versions 5.6 through 7.0.6

Description: The issue is an improper certificate validation vulnerability in the SAML SSO feature. Because the certificate authentication procedure is flawed, an unauthenticated attacker may be able to perform a man-in-the-middle attack on the communication between FortiClient and both the service provider and the identity provider.

Recommendations: Update each affected product to a version that includes the fix for this issue:
FortiClientWindows versions 6.4 through 7.0.7
FortiClientMac versions 6.4 through 7.2.4
FortiClientLinux versions 6.4 through 7.2.4
FortiClientAndroid versions 6.4 through 7.2.0
FortiClientiOS versions 5.6 through 7.0.6
As a temporary workaround, consider disabling the SAML SSO feature until a patch is available. Restrict access to the SAML SSO module to minimize the risk of exploitation. Avoid using the SAML SSO feature in the affected API endpoints until the issue is resolved.

Fix

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

BDU:2024-11595
CVE-2022-45856

Affected Products

Forticlientandroid
Forticlientlinux
Forticlientmac
Forticlientwindows
Forticlientios