Vigil@nce - FortiClient for Mac OS: information disclosure via Console Window Clear Text Password
January 2020 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/?langue=2
SYNTHESIS OF THE VULNERABILITY
Impacted products: FortiClient.
Severity: 2/4.
Consequences: data reading.
Provenance: physical access.
Confidence: confirmed by the editor (5/5).
Creation date: 08/11/2019.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass access restrictions to data via Console
Window Clear Text Password of FortiClient for Mac OS, in order to
obtain sensitive information.
ACCESS TO THE FULL VIGIL@NCE BULLETIN