virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in EM Client 7.2.33412.0

description-logoDescription

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the attacker to decipher further communication. The entire attack could be accomplished by sending a single email.

affected-products-logoAffected Applications

EM Client

CVE References

CVE-2020-12618

Other References

https://www.emclient.com/release-history?os=win
ID 2322
Created Aug 19, 2021
Description
Updated		 Nov 03, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor EM Client
Patch manual
Application EM Client