Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiClient for Android和iOS 安全漏洞
Vulnerability Description
Fortinet FortiClient for Android和iOS是美国飞塔(Fortinet)公司的一套基于Android和iOS平台的终端安全解决方案。该方案与FortiGate防火墙设备连接时可提供IPsec和SSL加密、广域网优化、终端合规和双因子认证等功能。 Fortinet FortiClient的Endpoint Control协议实现过程中存在安全漏洞,该漏洞源于程序没有正确验证证书。攻击者可借助特制的证书利用该漏洞实施中间人攻击,伪造数据,欺骗服务器。以下版本受到影响:基于Andr
CVSS Information
N/A
Vulnerability Type
N/A