Hello All,
The Microsoft Defender Endpoint vulnerability scanner is detecting the following vulnerable files created as part of the Forticlient 7.4 VPN Installer, all with the version number 3.1.5.0:
c:\program files\fortinet\forticlient\libcrypto-3-x64.dll
c:\program files\fortinet\forticlient\libssl-3-x64.dll
c:\program files\fortinet\forticlient\x86\libcrypto-3.dll
c:\program files\fortinet\forticlient\x86\libssl-3.dll
The listed CVE's against these files from MDE Show as:
CVE-2024-2511
CVE-2024-4603
CVE-2024-4741
CVE-2024-5535
CVE-2024-6119
Is the Forticlient 7.4 VPN software vulnerable to these CVE's because of the libcrypto/libssl dlls present in it's install directorys?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
The FortiClient 7.4 VPN software is not vulnerable to the CVEs mentioned due to the libcrypto/libssl DLLs present in its installation directories. FortiClient EMS 7.4.0 is no longer vulnerable to specific CVE references, as mentioned in the release notes. For further information on vulnerabilities and patches, you can visit the FortiGuard Center at https://fortiguard.com/psirt.
The FortiClient 7.4 VPN software is not vulnerable to the CVEs mentioned due to the libcrypto/libssl DLLs present in its installation directories. FortiClient EMS 7.4.0 is no longer vulnerable to specific CVE references, as mentioned in the release notes. For further information on vulnerabilities and patches, you can visit the FortiGuard Center at https://fortiguard.com/psirt.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.