FortiClient Android and iOS multiple vulnerabilities
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-15-004
Final
2015-02-25T00:00:00
Summary: FortiClient Android and iOS are affected by two vulnerabilities.

1. Android and iOS FortiClient do not check the validity of server certificates. An attacker may perform a man-in-the-middle attack between the FortiClient and the following services:
- A remote FortiGate with SSL VPN service, running by default on port 443
- A remote FortiGate with Endpoint Control, running by default on port 8010

2. (Android only) FortiClient uses a hardcoded encryption key for the following profile preference settings:
- Client certificate PKCS#12
- Client certificate password
- IPsec pre-shared key
- IPsec password
- SSL password

The key having been disclosed, these settings could be decrypted by an attacker upon retrieving a FortiClient Android configuration profile from the device.
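The certificate-validation defect, shown as an added illustration rather than Fortinet's code (the advisory does not show FortiClient's implementation): an Android/Java client that installs an accept-all TrustManager and hostname verifier, beside one that keeps the platform defaults. The FortiGate hostnames are placeholders.

```java
import java.io.IOException;
import java.net.URL;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class TlsValidation {

    // Vulnerable pattern (illustrative, not FortiClient's code): a TrustManager that
    // accepts every chain and a hostname verifier that accepts every name. An
    // on-path attacker presenting any certificate is accepted as the FortiGate.
    static void connectWithoutValidation(URL url) throws Exception {
        TrustManager[] acceptAll = new TrustManager[] { new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) { }
            public void checkServerTrusted(X509Certificate[] chain, String authType) { }
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        } };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, acceptAll, null);
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setHostnameVerifier((hostname, session) -> true); // disables name matching
        conn.connect();
    }

    // Hardened form: keep the platform's default trust store and hostname
    // verification. Chain building, expiry and name matching all happen there;
    // an untrusted certificate raises SSLHandshakeException instead of connecting.
    static void connectWithValidation(URL url) throws IOException {
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        // No setSSLSocketFactory / setHostnameVerifier override: defaults apply.
        conn.connect();
    }

    public static void main(String[] args) throws Exception {
        // Placeholder hostnames for the two services named in the advisory.
        URL sslVpn = new URL("https://fortigate.example.com:443/");
        URL endpointControl = new URL("https://fortigate.example.com:8010/");
        connectWithValidation(sslVpn);
        connectWithValidation(endpointControl);
    }
}
```

In code review or static analysis, an empty checkServerTrusted body or a HostnameVerifier that unconditionally returns true is the signature of this defect class.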
Impact: MitM condition and potential credential harvesting

Affected Products: FortiClient Android, FortiClient iOS
Solutions: FortiClient iOS version 5.2.1 for iPhone and iPad is available as of March 21 from Apple's App Store. FortiClient Android 5.2.6 is available as of July 17 from the Google Play Store.
CVE IDs:
CVE-2015-1453
CVE-2015-1569
CVE-2015-1570
https://fortiguard.fortinet.com/psirt/FG-IR-15-004