Lucene search
FortiGuard LabsFG-IR-21-075HistoryDec 07, 2021 - 12:00 a.m.
FortiClientEMS & FortiClient - Telemetry protocol is vulnerable to a MitM Vulnerability
2021-12-0700:00:00
FortiGuard Labs
www.fortiguard.com
19
0.001 Low
EPSS
Percentile
26.5%
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.
Related
nessus
nessus
Fortinet FortiClient (FG-IR-21-075) (macOS)
2024-06-14 00:00:00
Fortinet FortiClient (FG-IR-21-075)
2024-06-14 00:00:00
cve
cve
CVE-2021-41028
2021-12-16 19:15:08
prion
prion
Design/Logic Flaw
2021-12-16 19:15:00
nvd
nvd
CVE-2021-41028
2021-12-16 19:15:08
cnvd
cnvd
Fortinet FortiClient Trust Management Issue Vulnerability (CNVD-2022-03936)
2022-01-14 00:00:00
cvelist
cvelist
CVE-2021-41028
2021-12-16 18:13:38