FortiClient Improper cert validation (CVE-2022-45856) Windows/Linux/Mac pre-7.2.5
CVE-2022-45856 Published on September 10, 2024
An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to man-in-the-middle the communication between the FortiClient and both the service provider and the identity provider.
Vulnerability Analysis
CVE-2022-45856 is exploitable with network access and requires neither privileges nor user interaction. This vulnerability is considered to have a high level of attack complexity. A successful exploit is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Improper Certificate Validation
The software does not validate, or incorrectly validates, a certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host.
Products Associated with CVE-2022-45856
Affected Versions
Fortinet FortiClientiOS:
- Versions 7.0.3 through 7.0.6 are affected.
- Versions 7.0.0 through 7.0.1 are affected.
- Versions 6.0.0 through 6.0.1 are affected.
- Versions 5.6.5 through 5.6.6 are affected.
- Versions 5.6.0 through 5.6.1 are affected.
- Versions 5.4.3 through 5.4.4 are affected.
- Versions 5.4.0 through 5.4.1 are affected.
- Versions 5.2.0 through 5.2.3 are affected.
- Versions 5.0.0 through 5.0.3 are affected.
- Versions 4.0.0 through 4.0.2 are affected.
- Versions 2.0.0 through 2.0.1 are affected.
- Version 7.2.0 is affected.
- Versions 7.0.6 through 7.0.7 are affected.
- Versions 7.0.2 through 7.0.3 are affected.
- Version 7.0.0 is affected.
- Version 6.4.6 is affected.
- Version 6.4.4 is affected.
- Version 6.4.1 is affected.
- Version 6.0.0 is affected.
- Version 5.6.0 is affected.
- Versions 5.4.0 through 5.4.2 are affected.
- Versions 5.2.0 through 5.2.8 are affected.
- Versions 5.0.0 through 5.0.3 are affected.
- Versions 7.2.0 through 7.2.4 are affected.
- Versions 7.0.0 through 7.0.13 are affected.
- Versions 6.4.0 through 6.4.10 are affected.
- Versions 7.2.0 through 7.2.4 are affected.
- Versions 7.0.0 through 7.0.13 are affected.
- Versions 6.4.7 through 6.4.9 are affected.
- Versions 6.4.0 through 6.4.4 are affected.
- Versions 7.0.0 through 7.0.7 are affected.
- Versions 6.4.0 through 6.4.10 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.