FortiClient improper access control exposes users’ VPN credentials

FortiClient improper access control exposes users’ VPN credentials FortiClient for Linux, Mac OSX and Windows stores encrypted VPN authentication credentials in improperly secured locations. Fortinet provided security updates for its next-generation endpoint protection FortiClient product that address a serious information disclosure vulnerability. The flaw, tracked as CVE-2017-14184, could be exploited by an attacker to obtain VPN authentication credentials. FortiClient is a powerful product that includes […] The post FortiClient improper access control exposes users’ VPN credentials appeared first on Security Affairs. Read More At -> https://blog.cripperz.sg/2017/12/14/forticlient-improper-access-control-exposes-users-vpn-credentials/