Fortinet FortiClient Windows VPN Redirection Vulnerability via DNS Spoofing

Vulnerability

A vulnerability exists in Fortinet FortiClient for Windows in versions 7.4.0, 7.2.0 through 7.2.6, and all versions of 7.0. The issue arises from improper validation of certificates, allowing unauthorized attackers to redirect VPN connections through DNS spoofing or similar redirection methods.

Impact

Exploitation of this vulnerability allows for unauthorized redirection of VPN connections, potentially leading to interception or manipulation of VPN traffic.

Added: Jun 10, 2025, 6:38 PM
Updated: Jun 10, 2025, 6:38 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.