CVE-2024-31489

Name of the Vulnerable Software and Affected Versions: FortiClientWindows versions 7.0.0 through 7.0.11, 7.2.0 through 7.2.2 FortiClientLinux versions 7.0.0 through 7.0.11, 7.2.0 FortiClientMac versions 7.0.0 through 7.0.11, 7.2.0 through 7.2.4

Description: The issue is related to an improper certificate validation vulnerability, which may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation. This vulnerability affects the communication channel and could be exploited by an attacker to intercept or modify data.

Recommendations: For FortiClientWindows versions 7.0.0 through 7.0.11, update to a version that includes the fix for the improper certificate validation vulnerability. For FortiClientWindows versions 7.2.0 through 7.2.2, update to a version that includes the fix for the improper certificate validation vulnerability. For FortiClientLinux versions 7.0.0 through 7.0.11, update to a version that includes the fix for the improper certificate validation vulnerability. For FortiClientLinux version 7.2.0, update to a version that includes the fix for the improper certificate validation vulnerability. For FortiClientMac versions 7.0.0 through 7.0.11, update to a version that includes the fix for the improper certificate validation vulnerability. For FortiClientMac versions 7.2.0 through 7.2.4, update to a version that includes the fix for the improper certificate validation vulnerability. As a temporary workaround, consider restricting access to the vulnerable communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation until a patch is available.