Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0265
Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Concernant la vulnérabilité CVE-2025-66178, l'éditeur fournit certaines recommandations dans l'attente de la version correctrice.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiClient | FortiClientLinux versions 7.4.x antérieures à 7.4.5 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer-BigData versions 7.6.x antérieures à 7.6.1 | ||
| Fortinet | FortiMail | FortiMail versions 7.4.x antérieures à 7.4.5 | ||
| Fortinet | FortiClient | FortiClientLinux versions antérieures à 7.2.13 | ||
| Fortinet | FortiSandbox | FortiSandbox versions antérieures à 4.4.8 | ||
| Fortinet | FortiManager | FortiManager versions antérieures à 7.6.5 | ||
| Fortinet | FortiManager | FortiManager Cloud versions antérieures à 7.6.5 | ||
| Fortinet | FortiMail | FortiMail versions 7.6.x antérieures à 7.6.3 | ||
| Fortinet | FortiDeceptor | FortiDeceptor toutes versions antérieures à 6.2.1 | ||
| Fortinet | FortiVoice | FortiVoice versions 7.2.x antérieures à 7.2.1 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions antérieures à 7.6.5 | ||
| Fortinet | FortiSOAR | FortiSOAR Agent Communication Bridge versions antérieures à 1.1.1 | ||
| Fortinet | FortiWeb | FortiWeb versions antérieures à 7.6.7 | ||
| Fortinet | FortiVoice | FortiVoice versions 7.0.x antérieures à 7.0.7 | ||
| Fortinet | FortiSIEM | FortiSIEM versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiSIEM | FortiSIEM versions 7.3.x antérieures à 7.3.5 | ||
| Fortinet | FortiWeb | FortiWeb versions 8.0.x antérieures à 8.0.4 | ||
| Fortinet | FortiRecorder | FortiRecorder toutes versions antérieures à 7.2.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer-BigData versions antérieures à 7.4.5 | ||
| Fortinet | FortiMail | FortiMail versions 7.2.x antérieures à 7.2.8 | ||
| Fortinet | FortiSwitch | FortiSwitchAXFixed versions 1.0.x antérieures à 1.0.2 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions antérieures à 7.6.5 | ||
| Fortinet | FortiMail | FortiMail versions 7.0.x antérieures à 7.0.9 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiClientLinux versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer-BigData versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientLinux versions ant\u00e9rieures \u00e0 7.2.13",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSandbox versions ant\u00e9rieures \u00e0 4.4.8",
"product": {
"name": "FortiSandbox",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions ant\u00e9rieures \u00e0 7.6.5",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions ant\u00e9rieures \u00e0 7.6.5",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDeceptor toutes versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "FortiDeceptor",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.1",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions ant\u00e9rieures \u00e0 7.6.5",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR Agent Communication Bridge versions ant\u00e9rieures \u00e0 1.1.1",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions ant\u00e9rieures \u00e0 7.6.7",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.7",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.5",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 8.0.x ant\u00e9rieures \u00e0 8.0.4",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder toutes versions ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer-BigData versions ant\u00e9rieures \u00e0 7.4.5",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchAXFixed versions 1.0.x ant\u00e9rieures \u00e0 1.0.2",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions ant\u00e9rieures \u00e0 7.6.5",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.9",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-30897",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30897"
},
{
"name": "CVE-2025-53608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53608"
},
{
"name": "CVE-2026-24017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24017"
},
{
"name": "CVE-2025-68648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68648"
},
{
"name": "CVE-2026-24640",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24640"
},
{
"name": "CVE-2026-22572",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22572"
},
{
"name": "CVE-2025-48418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48418"
},
{
"name": "CVE-2025-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48840"
},
{
"name": "CVE-2026-24641",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24641"
},
{
"name": "CVE-2026-22627",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22627"
},
{
"name": "CVE-2025-55717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55717"
},
{
"name": "CVE-2026-24018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24018"
},
{
"name": "CVE-2025-54820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54820"
},
{
"name": "CVE-2025-49784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49784"
},
{
"name": "CVE-2026-22629",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22629"
},
{
"name": "CVE-2025-66178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66178"
},
{
"name": "CVE-2026-25689",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25689"
},
{
"name": "CVE-2026-25972",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25972"
},
{
"name": "CVE-2025-54659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54659"
},
{
"name": "CVE-2025-68482",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68482"
},
{
"name": "CVE-2026-22628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22628"
},
{
"name": "CVE-2026-25836",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25836"
}
],
"initial_release_date": "2026-03-11T00:00:00",
"last_revision_date": "2026-03-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0265",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nConcernant la vuln\u00e9rabilit\u00e9 CVE-2025-66178, l\u0027\u00e9diteur fournit certaines recommandations dans l\u0027attente de la version correctrice.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-078",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-078"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-096",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-096"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-098",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-098"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-080",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-080"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-088",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-088"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-094",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-094"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-092",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-092"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-090",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-090"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-081",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-081"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-095",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-095"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-093",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-093"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-083",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-083"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-087",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-087"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-079",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-079"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-086",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-086"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-077",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-077"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-082",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-082"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-097",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-097"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-085",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-085"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-091",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-091"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-089",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-089"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-084",
"url": "https://www.fortiguard.com/psirt/FG-IR-26-084"
}
]
}
CVE-2025-48418 (GCVE-0-2025-48418)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-11 13:08
VLAI
EPSS
Summary
A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.
Severity
CWE
- CWE-912 - Escalation of privilege
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiAnalyzer |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.10 (semver) Affected: 7.0.0 , ≤ 7.0.14 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiAnalyzer Cloud |
Affected:
7.6.2
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.10 (semver) Affected: 7.0.0 , ≤ 7.0.14 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager Cloud |
Affected:
7.6.2 , ≤ 7.6.3
(semver)
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T03:56:54.022497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T13:08:18.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.2"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:17.571Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiAnalyzer version 7.6.4 or above\nUpgrade to FortiAnalyzer version 7.4.8 or above\nUpgrade to FortiAnalyzer version 7.2.11 or above\nUpgrade to FortiAnalyzer version 7.0.15 or above\nUpgrade to FortiAnalyzer Cloud version 7.6.4 or above\nUpgrade to FortiAnalyzer Cloud version 7.4.8 or above\nUpgrade to FortiAnalyzer Cloud version 7.2.11 or above\nUpgrade to FortiAnalyzer Cloud version 7.0.15 or above\nUpgrade to FortiManager version 7.6.4 or above\nUpgrade to FortiManager version 7.4.8 or above\nUpgrade to FortiManager version 7.2.11 or above\nUpgrade to FortiManager version 7.0.15 or above\nUpgrade to FortiManager Cloud version 7.6.4 or above\nUpgrade to FortiManager Cloud version 7.4.8 or above\nUpgrade to FortiManager Cloud version 7.2.11 or above\nUpgrade to FortiManager Cloud version 7.0.15 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-48418",
"datePublished": "2026-03-10T16:44:17.571Z",
"dateReserved": "2025-05-20T11:27:34.039Z",
"dateUpdated": "2026-03-11T13:08:18.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48840 (GCVE-0-2025-48840)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-12 14:29
VLAI
EPSS
Summary
An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker to bypass hostname restrictions via a specially crafted request.
Severity
CWE
- CWE-290 - Improper access control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiWeb |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.8 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.12 (semver) cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48840",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:29:49.514729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:29:57.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiWeb",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.8",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker to bypass hostname restrictions via a specially crafted request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:14.182Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-097",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-097"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiWeb version 7.6.4 or above\nUpgrade to FortiWeb version 7.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-48840",
"datePublished": "2026-03-10T16:44:14.182Z",
"dateReserved": "2025-05-27T08:00:40.715Z",
"dateUpdated": "2026-03-12T14:29:57.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-49784 (GCVE-0-2025-49784)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-11 03:56
VLAI
EPSS
Summary
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
Severity
CWE
- CWE-89 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiAnalyzer-BigData |
Affected:
7.6.0
cpe:2.3:a:fortinet:fortianalyzer-bigdata:7.6.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiAnalyzer |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:55.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortianalyzer-bigdata:7.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer-BigData",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L/E:F/RL:T/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:16.287Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-095",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-095"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiAnalyzer-BigData version 7.6.1 or above\nUpgrade to FortiAnalyzer-BigData version 7.4.5 or above\nUpgrade to upcoming FortiAnalyzer version 8.0.0 or above\nUpgrade to FortiAnalyzer version 7.6.5 or above\nUpgrade to FortiAnalyzer version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-49784",
"datePublished": "2026-03-10T16:44:16.287Z",
"dateReserved": "2025-06-10T09:25:14.083Z",
"dateUpdated": "2026-03-11T03:56:55.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53608 (GCVE-0-2025-53608)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-12 14:28
VLAI
EPSS
Summary
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests.
Severity
CWE
- CWE-79 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.2
(semver)
Affected: 4.4.0 , ≤ 4.4.7 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) Affected: 4.0.0 , ≤ 4.0.6 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53608",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:28:22.192457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:28:29.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.7",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:14.768Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-091",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-091"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.3 or above\nUpgrade to FortiSandbox version 4.4.8 or above\nFortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53608",
"datePublished": "2026-03-10T16:44:14.768Z",
"dateReserved": "2025-07-07T07:40:26.787Z",
"dateUpdated": "2026-03-12T14:28:29.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54659 (GCVE-0-2025-54659)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-10 17:41
VLAI
EPSS
Summary
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all versions may allow an unauthenticated attacker to read files accessible to the fortisoar user on a system where the agent is deployed, via sending a crafted request to the agent port.
Severity
CWE
- CWE-22 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSOAR Agent Communication Bridge |
Affected:
1.1.0
Affected: 1.0.0 , ≤ 1.0.2 (semver) cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T17:30:39.455177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T17:41:32.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoaragentcommunicationbridge:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSOAR Agent Communication Bridge",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "1.1.0"
},
{
"lessThanOrEqual": "1.0.2",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all versions may allow an unauthenticated attacker to read files accessible to the fortisoar user on a system where the agent is deployed, via sending a crafted request to the agent port."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:F/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:20.644Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-084",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-084"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSOAR Agent Communication Bridge version 1.1.1 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-54659",
"datePublished": "2026-03-10T16:44:20.644Z",
"dateReserved": "2025-07-28T09:23:38.063Z",
"dateUpdated": "2026-03-10T17:41:32.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54820 (GCVE-0-2025-54820)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-12 14:46
VLAI
EPSS
Summary
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.
Severity
CWE
- CWE-121 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiManager |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.10 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:46:28.306737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:46:35.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T09:05:59.328Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-098",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-098"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiManager version 7.6.0 or above\nUpgrade to FortiManager version 7.4.3 or above\nUpgrade to FortiManager version 7.2.11 or above\nUpgrade to upcoming FortiManager version 6.4.16 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-54820",
"datePublished": "2026-03-10T16:44:11.014Z",
"dateReserved": "2025-07-30T08:31:12.196Z",
"dateUpdated": "2026-03-12T14:46:35.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55717 (GCVE-0-2025-55717)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-10 20:32
VLAI
EPSS
Summary
A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited by conditions out of the control of the attacker: An admin must log in to the targeted device.
Severity
CWE
- CWE-312 - Information disclosure
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiVoice |
Affected:
7.2.0
Affected: 7.0.0 , ≤ 7.0.6 (semver) cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiMail |
Affected:
7.6.0 , ≤ 7.6.2
(semver)
Affected: 7.4.0 , ≤ 7.4.4 (semver) Affected: 7.2.0 , ≤ 7.2.7 (semver) Affected: 7.0.0 , ≤ 7.0.8 (semver) cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiRecorder |
Affected:
7.2.0 , ≤ 7.2.3
(semver)
Affected: 7.0.0 , ≤ 7.0.6 (semver) Affected: 6.4.0 , ≤ 6.4.6 (semver) cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T20:29:35.564450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T20:32:47.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiVoice",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiMail",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.2",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiRecorder",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user\u0027s secrets via CLI commands. Practical exploitability is limited by conditions out of the control of the attacker: An admin must log in to the targeted device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:08.324Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-080",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-080"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiVoice version 7.2.1 or above\nUpgrade to FortiVoice version 7.0.7 or above\nUpgrade to FortiMail version 7.6.3 or above\nUpgrade to FortiMail version 7.4.5 or above\nUpgrade to FortiMail version 7.2.8 or above\nUpgrade to FortiMail version 7.0.9 or above\nUpgrade to FortiRecorder version 7.2.4 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-55717",
"datePublished": "2026-03-10T16:44:08.324Z",
"dateReserved": "2025-08-14T12:37:31.087Z",
"dateUpdated": "2026-03-10T20:32:47.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66178 (GCVE-0-2025-66178)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-11 03:56
VLAI
EPSS
Summary
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2.0 through 7.2.12, FortiWeb 7.0.0 through 7.0.12 may allow an authenticated attacked to execute arbitrary commands via a specialy crafted HTTP request.
Severity
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiWeb |
Affected:
8.0.0 , ≤ 8.0.1
(semver)
Affected: 7.6.0 , ≤ 7.6.5 (semver) Affected: 7.4.0 , ≤ 7.4.11 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.12 (semver) cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:45.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:8.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiWeb",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "8.0.1",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.6.5",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.11",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2.0 through 7.2.12, FortiWeb 7.0.0 through 7.0.12 may allow an authenticated attacked to execute arbitrary commands via a specialy crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:21.731Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-088",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-088"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiWeb version 8.0.3 or above\nUpgrade to FortiWeb version 7.6.7 or above\nUpgrade to FortiWeb version 7.4.12 or above\nUpgrade to upcoming FortiWeb version 7.2.13 or above\nUpgrade to upcoming FortiWeb version 7.0.13 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-66178",
"datePublished": "2026-03-10T16:44:21.731Z",
"dateReserved": "2025-11-24T09:07:32.659Z",
"dateUpdated": "2026-03-11T03:56:45.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68482 (GCVE-0-2025-68482)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-10 17:41
VLAI
EPSS
Summary
A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.
Severity
CWE
- CWE-295 - Information disclosure
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiAnalyzer |
Affected:
7.6.0 , ≤ 7.6.4
(semver)
Affected: 7.4.0 , ≤ 7.4.8 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.16 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortianalyzer:7.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager |
Affected:
7.6.0 , ≤ 7.6.4
(semver)
Affected: 7.4.0 , ≤ 7.4.8 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.16 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortimanager:7.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager Cloud |
Affected:
7.6.2 , ≤ 7.6.3
(semver)
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiAnalyzer Cloud |
Affected:
7.6.2
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T17:31:24.845135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T17:41:32.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.4",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.8",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.4",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.8",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.2"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.7",
"status": "affected",
"version": "6.4.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:P/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:44:18.285Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-078",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-078"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiAnalyzer version 8.0.0 or above\nUpgrade to FortiAnalyzer version 7.6.5 or above\nUpgrade to FortiAnalyzer version 7.4.9 or above\nUpgrade to upcoming FortiManager version 8.0.0 or above\nUpgrade to FortiManager version 7.6.5 or above\nUpgrade to FortiManager version 7.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-68482",
"datePublished": "2026-03-10T16:44:18.285Z",
"dateReserved": "2025-12-19T00:12:19.381Z",
"dateUpdated": "2026-03-10T17:41:32.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68648 (GCVE-0-2025-68648)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-05-26 09:37
VLAI
EPSS
Summary
A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14 may allow an attacker to escalate its privileges via specially crafted requests.
Severity
CWE
- CWE-134 - Escalation of privilege
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiManager Cloud |
Affected:
7.6.2 , ≤ 7.6.3
(semver)
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiAnalyzer Cloud |
Affected:
7.6.2
Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.12 (semver) Affected: 7.0.1 , ≤ 7.0.16 (semver) cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.16:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.15:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiAnalyzer |
Affected:
7.6.0 , ≤ 7.6.4
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.16 (semver) cpe:2.3:o:fortinet:fortianalyzer:7.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiManager |
Affected:
7.6.0 , ≤ 7.6.4
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.12 (semver) Affected: 7.0.0 , ≤ 7.0.16 (semver) cpe:2.3:o:fortinet:fortimanager:7.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T17:32:16.848623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T17:41:33.122Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.2"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.4",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.4",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14 may allow an attacker to escalate its privileges via specially crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T09:37:13.382Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-092",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-092"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiAnalyzer Cloud version 7.6.5 or above\nUpgrade to FortiAnalyzer Cloud version 7.4.8 or above\nUpgrade to FortiAnalyzer version 7.6.5 or above\nUpgrade to FortiAnalyzer version 7.4.8 or above\nUpgrade to FortiManager Cloud version 7.6.5 or above\nUpgrade to FortiManager Cloud version 7.4.8 or above\nUpgrade to FortiManager version 7.6.5 or above\nUpgrade to FortiManager version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-68648",
"datePublished": "2026-03-10T16:44:15.744Z",
"dateReserved": "2025-12-22T07:42:48.338Z",
"dateUpdated": "2026-05-26T09:37:13.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…