Vulnerability-Lookup

CVE-2025-48418 (GCVE-0-2025-48418)

Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-11 13:08

Summary

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C

CWE

CWE-912 - Escalation of privilege

Assigner

fortinet

References

URL

Tags

https://fortiguard.fortinet.com/psirt/FG-IR-26-081

Impacted products

Vendor

Product

Version

Fortinet

FortiAnalyzer

Affected: 7.6.0 , ≤ 7.6.3 (semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver)
Affected: 7.2.0 , ≤ 7.2.10 (semver)
Affected: 7.0.0 , ≤ 7.0.14 (semver)
Affected: 6.4.0 , ≤ 6.4.15 (semver)
    cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*

Fortinet	FortiAnalyzer Cloud	Affected: 7.6.2 Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:::::::* cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:::::::*
Fortinet	FortiManager	Affected: 7.6.0 , ≤ 7.6.3 (semver) Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.10 (semver) Affected: 7.0.0 , ≤ 7.0.14 (semver) Affected: 6.4.0 , ≤ 6.4.15 (semver) cpe:2.3:o:fortinet:fortimanager:7.6.3:::::::* cpe:2.3:o:fortinet:fortimanager:7.6.2:::::::* cpe:2.3:o:fortinet:fortimanager:7.6.1:::::::* cpe:2.3:o:fortinet:fortimanager:7.6.0:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.7:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.6:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.5:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.4:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.3:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.2:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.1:::::::* cpe:2.3:o:fortinet:fortimanager:7.4.0:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.10:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.9:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.8:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.7:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.6:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.5:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.4:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.3:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.2:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.1:::::::* cpe:2.3:o:fortinet:fortimanager:7.2.0:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.14:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.13:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.12:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.11:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.10:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.9:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.8:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.7:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.6:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.5:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.4:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.3:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.2:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.1:::::::* cpe:2.3:o:fortinet:fortimanager:7.0.0:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.15:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.14:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.13:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.12:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.11:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.10:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.9:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.8:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.7:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.6:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.5:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.4:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.3:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.2:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.1:::::::* cpe:2.3:o:fortinet:fortimanager:6.4.0:::::::*
Fortinet	FortiManager Cloud	Affected: 7.6.2 , ≤ 7.6.3 (semver) Affected: 7.4.1 , ≤ 7.4.7 (semver) Affected: 7.2.1 , ≤ 7.2.10 (semver) Affected: 7.0.1 , ≤ 7.0.14 (semver) Affected: 6.4.1 , ≤ 6.4.7 (semver) cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:::::::* cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:::::::* cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48418",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T03:56:54.022497Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T13:08:18.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiAnalyzer",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.3",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.7",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.10",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.14",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.15",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiAnalyzer Cloud",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "lessThanOrEqual": "7.4.7",
              "status": "affected",
              "version": "7.4.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.10",
              "status": "affected",
              "version": "7.2.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.14",
              "status": "affected",
              "version": "7.0.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.7",
              "status": "affected",
              "version": "6.4.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiManager",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.3",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.7",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.10",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.14",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.15",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiManager Cloud",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.3",
              "status": "affected",
              "version": "7.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.7",
              "status": "affected",
              "version": "7.4.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.10",
              "status": "affected",
              "version": "7.2.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.14",
              "status": "affected",
              "version": "7.0.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.7",
              "status": "affected",
              "version": "6.4.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "Escalation of privilege",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-10T16:44:17.571Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to FortiAnalyzer version 7.6.4 or above\nUpgrade to FortiAnalyzer version 7.4.8 or above\nUpgrade to FortiAnalyzer version 7.2.11 or above\nUpgrade to FortiAnalyzer version 7.0.15 or above\nUpgrade to FortiAnalyzer Cloud version 7.6.4 or above\nUpgrade to FortiAnalyzer Cloud version 7.4.8 or above\nUpgrade to FortiAnalyzer Cloud version 7.2.11 or above\nUpgrade to FortiAnalyzer Cloud version 7.0.15 or above\nUpgrade to FortiManager version 7.6.4 or above\nUpgrade to FortiManager version 7.4.8 or above\nUpgrade to FortiManager version 7.2.11 or above\nUpgrade to FortiManager version 7.0.15 or above\nUpgrade to FortiManager Cloud version 7.6.4 or above\nUpgrade to FortiManager Cloud version 7.4.8 or above\nUpgrade to FortiManager Cloud version 7.2.11 or above\nUpgrade to FortiManager Cloud version 7.0.15 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2025-48418",
    "datePublished": "2026-03-10T16:44:17.571Z",
    "dateReserved": "2025-05-20T11:27:34.039Z",
    "dateUpdated": "2026-03-11T13:08:18.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-48418\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2026-03-10T18:17:56.793\",\"lastModified\":\"2026-03-12T21:21:55.010\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de funcionalidad oculta en Fortinet FortiAnalyzer desde 7.6.0 hasta 7.6.3, FortiAnalyzer desde 7.4.0 hasta 7.4.7, FortiAnalyzer desde 7.2.0 hasta 7.2.10, FortiAnalyzer desde 7.0.0 hasta 7.0.14, FortiAnalyzer 6.4 en todas las versiones, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud desde 7.4.1 hasta 7.4.7, FortiAnalyzer Cloud desde 7.2.1 hasta 7.2.10, FortiAnalyzer Cloud desde 7.0.1 hasta 7.0.14, FortiAnalyzer Cloud 6.4 en todas las versiones, FortiManager desde 7.6.0 hasta 7.6.3, FortiManager desde 7.4.0 hasta 7.4.7, FortiManager desde 7.2.0 hasta 7.2.10, FortiManager desde 7.0.0 hasta 7.0.14, FortiManager 6.4 en todas las versiones, FortiManager Cloud desde 7.6.2 hasta 7.6.3, FortiManager Cloud desde 7.4.1 hasta 7.4.7, FortiManager Cloud desde 7.2.1 hasta 7.2.10, FortiManager Cloud desde 7.0.1 hasta 7.0.14, FortiManager Cloud 6.4 en todas las versiones podr\u00eda permitir a un administrador remoto autenticado de solo lectura con acceso a la CLI escalar sus privilegios mediante el uso de un comando oculto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-912\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"7.0.15\",\"matchCriteriaId\":\"9B11229B-2427-434A-8C48-3F985AB72816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.11\",\"matchCriteriaId\":\"9E6DEDA7-2A2E-4544-8E11-8F62E73C85FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.8\",\"matchCriteriaId\":\"A03D6D6F-DC59-44BA-8839-6A49DAE42BEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.6.0\",\"versionEndExcluding\":\"7.6.4\",\"matchCriteriaId\":\"0EC7E465-5168-4BB8-89D3-244E6DBF70A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.1\",\"versionEndExcluding\":\"7.0.15\",\"matchCriteriaId\":\"BD321FE6-3AEC-464C-825F-E55749F49747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.1\",\"versionEndExcluding\":\"7.2.11\",\"matchCriteriaId\":\"6F9EE52D-70AE-4039-960D-7F1C2B210D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.1\",\"versionEndExcluding\":\"7.4.8\",\"matchCriteriaId\":\"F25FFC9B-E398-4E76-819C-0E989916D463\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.6.2\",\"versionEndExcluding\":\"7.6.4\",\"matchCriteriaId\":\"D02EAE43-43E9-4D70-A6F0-A9BED7AAB9F1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"7.0.15\",\"matchCriteriaId\":\"ED4A5B65-83BB-4C3F-964A-A1E2C57B995C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.11\",\"matchCriteriaId\":\"F66A175C-52AB-4949-9082-F880BAB1693D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.8\",\"matchCriteriaId\":\"C1D219F0-9035-478D-8B95-3F25C74E4AEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.6.0\",\"versionEndExcluding\":\"7.6.4\",\"matchCriteriaId\":\"7E7EC074-7835-438D-8501-D7FA6A84F280\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.1\",\"versionEndExcluding\":\"7.0.15\",\"matchCriteriaId\":\"11B1FC39-775D-4713-9583-EEEDDD69FCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.1\",\"versionEndExcluding\":\"7.2.11\",\"matchCriteriaId\":\"3F4B1FB2-2DCB-41AE-A1CD-8D2BB5108617\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.1\",\"versionEndExcluding\":\"7.4.8\",\"matchCriteriaId\":\"FD020B06-F76C-4598-BDD8-597F7D7CB4F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer_cloud:7.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0398B368-C2ED-40BF-ADF1-7A105E242A1F\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-26-081\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48418\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-11T03:56:54.022497Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-11T13:02:46.084Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:fortinet:fortianalyzer:7.6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiAnalyzer\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.6.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.6.3\"}, {\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.7\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.15\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiAnalyzer Cloud\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.6.2\"}, {\"status\": \"affected\", \"version\": \"7.4.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.7\"}, {\"status\": \"affected\", \"version\": \"7.2.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.0.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.7\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:fortinet:fortimanager:7.6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiManager\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.6.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.6.3\"}, {\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.7\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.15\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.14:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiManager Cloud\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.6.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.6.3\"}, {\"status\": \"affected\", \"version\": \"7.4.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.7\"}, {\"status\": \"affected\", \"version\": \"7.2.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.10\"}, {\"status\": \"affected\", \"version\": \"7.0.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.7\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to FortiAnalyzer version 7.6.4 or above\\nUpgrade to FortiAnalyzer version 7.4.8 or above\\nUpgrade to FortiAnalyzer version 7.2.11 or above\\nUpgrade to FortiAnalyzer version 7.0.15 or above\\nUpgrade to FortiAnalyzer Cloud version 7.6.4 or above\\nUpgrade to FortiAnalyzer Cloud version 7.4.8 or above\\nUpgrade to FortiAnalyzer Cloud version 7.2.11 or above\\nUpgrade to FortiAnalyzer Cloud version 7.0.15 or above\\nUpgrade to FortiManager version 7.6.4 or above\\nUpgrade to FortiManager version 7.4.8 or above\\nUpgrade to FortiManager version 7.2.11 or above\\nUpgrade to FortiManager version 7.0.15 or above\\nUpgrade to FortiManager Cloud version 7.6.4 or above\\nUpgrade to FortiManager Cloud version 7.4.8 or above\\nUpgrade to FortiManager Cloud version 7.2.11 or above\\nUpgrade to FortiManager Cloud version 7.0.15 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-26-081\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-26-081\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-912\", \"description\": \"Escalation of privilege\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2026-03-10T16:44:17.571Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-48418\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-11T13:08:18.809Z\", \"dateReserved\": \"2025-05-20T11:27:34.039Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2026-03-10T16:44:17.571Z\", \"assignerShortName\": \"fortinet\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-PF26-74CX-2VMM

Vulnerability from github – Published: 2026-03-10 18:31 – Updated: 2026-03-10 18:31

Details

Severity ?

6.7 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-48418"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-912"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-10T18:17:56Z",
    "severity": "MODERATE"
  },
  "details": "A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.",
  "id": "GHSA-pf26-74cx-2vmm",
  "modified": "2026-03-10T18:31:18Z",
  "published": "2026-03-10T18:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48418"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0086

Vulnerability from csaf_ncscnl - Published: 2026-03-11 09:19 - Updated: 2026-03-11 09:19

Summary

Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Fortinet heeft kwetsbaarheden verholpen in FortiAnalyzer en FortiManager (inclusief cloudvarianten).

Interpretaties

De kwetsbaarheid met kenmerk CVE-2025-54820 zit in FortiManager. Deze kwetsbaarheid stelt een remote ongeauthenticeerde kwaadwillende in staat om via een stack-gebaseerde buffer overflow in de fgtupdates-service ongeautoriseerde commando's uit te voeren. Verder is er onder andere ook een kwetsbaarheid door onjuiste certificaatvalidatie die man-in-the-middle aanvallen mogelijk maakt, en een format string kwetsbaarheid die remote aanvallers met administratieve privileges in staat stelt om willekeurige code uit te voeren. Bovendien zijn er kwetsbaarheden in de multifactor authenticatie implementatie en in de beperking van overmatige authenticatiepogingen.

Oplossingen

Fortinet heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-121

Stack-based Buffer Overflow

CWE-134

Use of Externally-Controlled Format String

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-295

Improper Certificate Validation

CWE-307

Improper Restriction of Excessive Authentication Attempts

CWE-912

Hidden Functionality

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Fortinet heeft kwetsbaarheden verholpen in FortiAnalyzer en FortiManager (inclusief cloudvarianten).",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheid met kenmerk CVE-2025-54820  zit in FortiManager. Deze kwetsbaarheid stelt een remote ongeauthenticeerde kwaadwillende in staat om via een stack-gebaseerde buffer overflow in de fgtupdates-service ongeautoriseerde commando\u0027s uit te voeren. Verder is er onder andere ook een kwetsbaarheid door onjuiste certificaatvalidatie die man-in-the-middle aanvallen mogelijk maakt, en een format string kwetsbaarheid die remote aanvallers met administratieve privileges in staat stelt om willekeurige code uit te voeren. Bovendien zijn er kwetsbaarheden in de multifactor authenticatie implementatie en in de beperking van overmatige authenticatiepogingen.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Fortinet heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
        "title": "CWE-89"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Use of Externally-Controlled Format String",
        "title": "CWE-134"
      },
      {
        "category": "general",
        "text": "Authentication Bypass Using an Alternate Path or Channel",
        "title": "CWE-288"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Excessive Authentication Attempts",
        "title": "CWE-307"
      },
      {
        "category": "general",
        "text": "Hidden Functionality",
        "title": "CWE-912"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-078"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-079"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-090"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-092"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-095"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-098"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer",
    "tracking": {
      "current_release_date": "2026-03-11T09:19:38.777277Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0086",
      "initial_release_date": "2026-03-11T09:19:38.777277Z",
      "revision_history": [
        {
          "date": "2026-03-11T09:19:38.777277Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "FortiAnalyzer"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "FortiAnalyzer Cloud"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "FortiManager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "FortiManager Cloud"
          }
        ],
        "category": "vendor",
        "name": "Fortinet"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-48418",
      "cwe": {
        "id": "CWE-912",
        "name": "Hidden Functionality"
      },
      "notes": [
        {
          "category": "other",
          "text": "Hidden Functionality",
          "title": "CWE-912"
        },
        {
          "category": "description",
          "text": "A vulnerability in Fortinet FortiAnalyzer and FortiManager allows a remote authenticated read-only admin with CLI access to escalate privileges using an undocumented hidden command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48418 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48418.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2025-48418"
    },
    {
      "cve": "CVE-2025-54820",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "A stack-based buffer overflow vulnerability in Fortinet FortiManager versions 6.4 through 7.4.2, specifically in the fgtupdates service, may allow remote unauthenticated attackers to execute unauthorized commands by bypassing stack protection via crafted requests.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-54820 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:R",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2025-54820"
    },
    {
      "cve": "CVE-2025-68482",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "description",
          "text": "A vulnerability in multiple versions of Fortinet FortiAnalyzer and FortiManager enables remote unauthenticated attackers to conduct man-in-the-middle attacks and access confidential data due to improper certificate validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-68482 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-68482.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:P/RL:W/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2025-68482"
    },
    {
      "cve": "CVE-2025-68648",
      "cwe": {
        "id": "CWE-134",
        "name": "Use of Externally-Controlled Format String"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Externally-Controlled Format String",
          "title": "CWE-134"
        },
        {
          "category": "description",
          "text": "Multiple versions of Fortinet FortiAnalyzer, FortiAnalyzer Cloud, FortiManager, and FortiManager Cloud contain an externally-controlled format string vulnerability (CWE-134) in the fazsvcd daemon that may allow remote attackers with admin privileges to execute arbitrary code or escalate privileges via crafted requests.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-68648 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-68648.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2025-68648"
    },
    {
      "cve": "CVE-2026-22572",
      "cwe": {
        "id": "CWE-288",
        "name": "Authentication Bypass Using an Alternate Path or Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authentication Bypass Using an Alternate Path or Channel",
          "title": "CWE-288"
        },
        {
          "category": "description",
          "text": "A vulnerability in Fortinet FortiAnalyzer and FortiManager allows attackers with the admin password to bypass multifactor authentication by submitting multiple crafted requests, enabling MFA circumvention.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22572 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22572.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2026-22572"
    },
    {
      "cve": "CVE-2026-22629",
      "cwe": {
        "id": "CWE-307",
        "name": "Improper Restriction of Excessive Authentication Attempts"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Excessive Authentication Attempts",
          "title": "CWE-307"
        },
        {
          "category": "description",
          "text": "Multiple versions of Fortinet FortiAnalyzer and FortiManager, including cloud variants, contain a CWE-307 vulnerability that allows attackers to bypass brute force protections by exploiting race conditions in authentication attempts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22629 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22629.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2026-22629"
    },
    {
      "cve": "CVE-2025-49784",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        },
        {
          "category": "description",
          "text": "Fortinet FortiAnalyzer and FortiAnalyzer-BigData versions 6.2 through 7.6.4 contain an SQL injection vulnerability that allows authenticated attackers to execute unauthorized code or commands via specially crafted API requests.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-49784 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49784.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L/E:F/RL:T/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4"
          ]
        }
      ],
      "title": "CVE-2025-49784"
    }
  ]
}

CERTFR-2026-AVI-0265

Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11

De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Concernant la vulnérabilité CVE-2025-66178, l'éditeur fournit certaines recommandations dans l'attente de la version correctrice.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Fortinet	FortiClient	FortiClientLinux versions 7.4.x antérieures à 7.4.5
Fortinet	FortiAnalyzer	FortiAnalyzer-BigData versions 7.6.x antérieures à 7.6.1
Fortinet	FortiMail	FortiMail versions 7.4.x antérieures à 7.4.5
Fortinet	FortiClient	FortiClientLinux versions antérieures à 7.2.13
Fortinet	FortiSandbox	FortiSandbox versions antérieures à 4.4.8
Fortinet	FortiManager	FortiManager versions antérieures à 7.6.5
Fortinet	FortiManager	FortiManager Cloud versions antérieures à 7.6.5
Fortinet	FortiMail	FortiMail versions 7.6.x antérieures à 7.6.3
Fortinet	FortiDeceptor	FortiDeceptor toutes versions antérieures à 6.2.1
Fortinet	FortiVoice	FortiVoice versions 7.2.x antérieures à 7.2.1
Fortinet	FortiAnalyzer	FortiAnalyzer Cloud versions antérieures à 7.6.5
Fortinet	FortiSOAR	FortiSOAR Agent Communication Bridge versions antérieures à 1.1.1
Fortinet	FortiWeb	FortiWeb versions antérieures à 7.6.7
Fortinet	FortiVoice	FortiVoice versions 7.0.x antérieures à 7.0.7
Fortinet	FortiSIEM	FortiSIEM versions 7.4.x antérieures à 7.4.1
Fortinet	FortiSIEM	FortiSIEM versions 7.3.x antérieures à 7.3.5
Fortinet	FortiWeb	FortiWeb versions 8.0.x antérieures à 8.0.4
Fortinet	FortiRecorder	FortiRecorder toutes versions antérieures à 7.2.4
Fortinet	FortiAnalyzer	FortiAnalyzer-BigData versions antérieures à 7.4.5
Fortinet	FortiMail	FortiMail versions 7.2.x antérieures à 7.2.8
Fortinet	FortiSwitch	FortiSwitchAXFixed versions 1.0.x antérieures à 1.0.2
Fortinet	FortiAnalyzer	FortiAnalyzer versions antérieures à 7.6.5
Fortinet	FortiMail	FortiMail versions 7.0.x antérieures à 7.0.9

References

Title

Publication Time

FKIE_CVE-2025-48418

Vulnerability from fkie_nvd - Published: 2026-03-10 18:17 - Updated: 2026-03-12 21:21

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-26-081	Vendor Advisory

Impacted products

Vendor	Product	Version
fortinet	fortimanager	*
fortinet	fortimanager	*
fortinet	fortimanager	*
fortinet	fortimanager	*
fortinet	fortimanager_cloud	*
fortinet	fortimanager_cloud	*
fortinet	fortimanager_cloud	*
fortinet	fortimanager_cloud	*
fortinet	fortianalyzer	*
fortinet	fortianalyzer	*
fortinet	fortianalyzer	*
fortinet	fortianalyzer	*
fortinet	fortianalyzer_cloud	*
fortinet	fortianalyzer_cloud	*
fortinet	fortianalyzer_cloud	*
fortinet	fortianalyzer_cloud	7.6.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B11229B-2427-434A-8C48-3F985AB72816",
              "versionEndExcluding": "7.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E6DEDA7-2A2E-4544-8E11-8F62E73C85FE",
              "versionEndExcluding": "7.2.11",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A03D6D6F-DC59-44BA-8839-6A49DAE42BEB",
              "versionEndExcluding": "7.4.8",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC7E465-5168-4BB8-89D3-244E6DBF70A0",
              "versionEndExcluding": "7.6.4",
              "versionStartIncluding": "7.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD321FE6-3AEC-464C-825F-E55749F49747",
              "versionEndExcluding": "7.0.15",
              "versionStartIncluding": "6.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F9EE52D-70AE-4039-960D-7F1C2B210D7F",
              "versionEndExcluding": "7.2.11",
              "versionStartIncluding": "7.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F25FFC9B-E398-4E76-819C-0E989916D463",
              "versionEndExcluding": "7.4.8",
              "versionStartIncluding": "7.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02EAE43-43E9-4D70-A6F0-A9BED7AAB9F1",
              "versionEndExcluding": "7.6.4",
              "versionStartIncluding": "7.6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED4A5B65-83BB-4C3F-964A-A1E2C57B995C",
              "versionEndExcluding": "7.0.15",
              "versionStartIncluding": "6.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F66A175C-52AB-4949-9082-F880BAB1693D",
              "versionEndExcluding": "7.2.11",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D219F0-9035-478D-8B95-3F25C74E4AEB",
              "versionEndExcluding": "7.4.8",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E7EC074-7835-438D-8501-D7FA6A84F280",
              "versionEndExcluding": "7.6.4",
              "versionStartIncluding": "7.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B1FC39-775D-4713-9583-EEEDDD69FCEC",
              "versionEndExcluding": "7.0.15",
              "versionStartIncluding": "6.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F4B1FB2-2DCB-41AE-A1CD-8D2BB5108617",
              "versionEndExcluding": "7.2.11",
              "versionStartIncluding": "7.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD020B06-F76C-4598-BDD8-597F7D7CB4F2",
              "versionEndExcluding": "7.4.8",
              "versionStartIncluding": "7.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0398B368-C2ED-40BF-ADF1-7A105E242A1F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de funcionalidad oculta en Fortinet FortiAnalyzer desde 7.6.0 hasta 7.6.3, FortiAnalyzer desde 7.4.0 hasta 7.4.7, FortiAnalyzer desde 7.2.0 hasta 7.2.10, FortiAnalyzer desde 7.0.0 hasta 7.0.14, FortiAnalyzer 6.4 en todas las versiones, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud desde 7.4.1 hasta 7.4.7, FortiAnalyzer Cloud desde 7.2.1 hasta 7.2.10, FortiAnalyzer Cloud desde 7.0.1 hasta 7.0.14, FortiAnalyzer Cloud 6.4 en todas las versiones, FortiManager desde 7.6.0 hasta 7.6.3, FortiManager desde 7.4.0 hasta 7.4.7, FortiManager desde 7.2.0 hasta 7.2.10, FortiManager desde 7.0.0 hasta 7.0.14, FortiManager 6.4 en todas las versiones, FortiManager Cloud desde 7.6.2 hasta 7.6.3, FortiManager Cloud desde 7.4.1 hasta 7.4.7, FortiManager Cloud desde 7.2.1 hasta 7.2.10, FortiManager Cloud desde 7.0.1 hasta 7.0.14, FortiManager Cloud 6.4 en todas las versiones podr\u00eda permitir a un administrador remoto autenticado de solo lectura con acceso a la CLI escalar sus privilegios mediante el uso de un comando oculto."
    }
  ],
  "id": "CVE-2025-48418",
  "lastModified": "2026-03-12T21:21:55.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@fortinet.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-10T18:17:56.793",
  "references": [
    {
      "source": "psirt@fortinet.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-081"
    }
  ],
  "sourceIdentifier": "psirt@fortinet.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-912"
        }
      ],
      "source": "psirt@fortinet.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-48418 (GCVE-0-2025-48418)

GHSA-PF26-74CX-2VMM

NCSC-2026-0086

CERTFR-2026-AVI-0265

Solutions

FKIE_CVE-2025-48418

Tags

Sightings

Nomenclature