PT-2025-41952 · Fortinet · Fortios
Published
2025-10-14
·
Updated
2025-10-15
·
CVE-2025-31514
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
FortiOS versions 6.4 through 7.0, 7.2, 7.4, and 7.6.0 through 7.6.3
Description
An issue exists where sensitive two-factor authentication (2FA) related information may be exposed. An attacker with read-only privileges could potentially retrieve this information by observing logs or using the diagnose command.
Recommendations
FortiOS versions prior to 6.4 should be updated.
FortiOS version 6.4 should be updated.
FortiOS version 7.0 should be updated.
FortiOS version 7.2 should be updated.
FortiOS version 7.4 should be updated.
FortiOS versions 7.6.0 through 7.6.3 should be updated.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortios