Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection.

Published

2025-06-10T17:19:40.090

Last Modified

2025-07-25T15:26:02.837

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-297

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fortinet	forticlient	< 7.2.7	Yes
Application	fortinet	forticlient	7.4.0	Yes

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-365 Vendor Advisory ([email protected])