CVE-2024-54019
published 2025-06-10CVE-2024-54019: A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow…
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | forticlient | — | — |
| fortinet | forticlient | — | — |
| fortinet | forticlient | >= 7.0.0 < 7.2.7 | 7.2.7 |
| fortinet | forticlientwindows | — | — |
| fortinet | forticlientwindows | — | — |
| fortinet | forticlientwindows | 7.0.0 – 7.0.14 | — |
| fortinet | forticlientwindows | 7.2.0 – 7.2.6 | — |
| fortinet | fortinet | — | — |