Fortinet Vulnerability

On 7th December, 2017 a vulnerability (CVE-2017-14184) was announced by Fortinet relating to the FortiClient SSLVPN security. FortiClient for Linux, Mac OSX and Windows stores encrypted VPN authentication credentials in improperly secured locations. Regular users may therefore be able to see each other’s encrypted credentials. This will affect all users running FortiClient 5.6.0 and below. The vulnerability has been fixed in versions 5.6.1 and above. Therefore we are recommending that you upgrade your FortiClient desktop app to this version, which you can do here.