VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Feb 10, 2015· Updated May 6, 2026

CVE-2015-1570

CVE-2015-1570

Description

The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate.

Affected products

2
  • Fortinet/Forticlient2 versions
    cpe:2.3:a:fortinet:forticlient:5.2.028:*:*:*:*:ios:*:*+ 1 more
    • cpe:2.3:a:fortinet:forticlient:5.2.028:*:*:*:*:ios:*:*
    • cpe:2.3:a:fortinet:forticlient:5.2.3.091:*:*:*:*:android:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.