The Fortinet FortiClient VPN client on all available platforms suffers from a certificate validation vulnerability which allows an attacker to successfully run a man-in-the-middle attack and to steal the credentials of the user.
c9eab5520d3748247b19a71073dbe3eae001373c7bb79efe6b038b7a23417fc3