LiveActive security incident?Get immediate response
CVE Record

CVE-2019-15704: A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attack...

A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

FortiClient for Mac can expose sensitive information in clear text in the console when a user connects to an SSL VPN gateway. An attacker needs local access to the affected Mac, so this is mainly a workstation and shared-device risk rather than a remote internet-facing emergency.

Executive priority

Treat this as a targeted endpoint hygiene issue. It is not evidenced as remotely exploitable or actively exploited, but it can expose VPN-related sensitive information where local access exists. Prioritize affected Mac VPN users and shared workstations.

Technical view

CVE-2019-15704 affects FortiClient for Mac OS 6.2.0 and 6.0.7. The issue is clear text storage or logging of sensitive information during SSL VPN connection activity. The source bundle does not provide CVSS, CWE, fixed-version details, or the exact sensitive data exposed.

Likely exposure

Exposure is limited to organizations using FortiClient for Mac OS 6.2.0 or 6.0.7 for SSL VPN access. Risk is higher on shared Macs, poorly controlled endpoints, or systems where local users can view console output or logs.

Exploitation context

The CVE description requires local attacker access and a user connecting to an SSL VPN gateway. CISA KEV is false in the supplied bundle, and no cited source indicates active exploitation or public exploit availability.

Researcher notes

Evidence is sparse. The bundle identifies affected versions and local clear text exposure during SSL VPN connection, but not data type, CVSS score, CWE, affected build ranges beyond two versions, or fixed releases. Avoid assuming credential theft without vendor detail.

Mitigation direction

  • Inventory FortiClient for Mac installations and identify versions 6.2.0 and 6.0.7.
  • Review Fortinet advisory FG-IR-19-227 for fixed versions and upgrade guidance.
  • Prioritize affected Macs used for SSL VPN access.
  • Restrict local access on affected Macs, especially shared or multi-user endpoints.
  • Review endpoint logging visibility until vendor remediation is applied.

Validation and detection

  • Confirm whether FortiClient for Mac OS 6.2.0 or 6.0.7 is installed.
  • Confirm affected Macs are used to connect to SSL VPN gateways.
  • Review local console and logging exposure for affected endpoints.
  • Check deployment records for Fortinet-approved remediation or replacement versions.
  • Document any shared-device or non-admin local access paths.
Prepared
Confidence
medium
Sources
3

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2019-15704 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Source materials

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
FortinetFortiClient for Mac OSFortiClient for Mac OS 6.2.0, 6.0.7Listed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.