PT-2026-24229 · Fortinet · FortiAnalyzer +3

Published: 2026-03-10 · Updated: 2026-03-17 · CVE-2025-48418

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Fortinet FortiAnalyzer versions 6.4 through 7.6.3
Fortinet FortiAnalyzer Cloud versions 6.4 through 7.6.2
Fortinet FortiManager versions 6.4 through 7.6.3
Fortinet FortiManager Cloud versions 6.4 through 7.6.3
Fortinet FortiAnalyzer versions 7.0.0 through 7.0.14
Fortinet FortiAnalyzer Cloud versions 7.0.1 through 7.0.14
Fortinet FortiManager versions 7.0.0 through 7.0.14
Fortinet FortiManager Cloud versions 7.0.1 through 7.0.14
Fortinet FortiAnalyzer versions 7.2.0 through 7.2.10
Fortinet FortiAnalyzer Cloud versions 7.2.1 through 7.2.10
Fortinet FortiManager versions 7.2.0 through 7.2.10
Fortinet FortiManager Cloud versions 7.2.1 through 7.2.10
Fortinet FortiAnalyzer versions 7.4.0 through 7.4.7
Fortinet FortiAnalyzer Cloud versions 7.4.1 through 7.4.7
Fortinet FortiManager versions 7.4.0 through 7.4.7
Fortinet FortiManager Cloud versions 7.4.1 through 7.4.7
Fortinet FortiAnalyzer versions 7.6.0 through 7.6.3
Fortinet FortiAnalyzer Cloud version 7.6.2
Fortinet FortiManager versions 7.6.0 through 7.6.3
Fortinet FortiManager Cloud versions 7.6.2 through 7.6.3

Description

A hidden functionality exists in Fortinet FortiAnalyzer and FortiManager products. This issue involves the presence of undocumented configuration commands. Exploitation may allow an attacker with read-only access and Command Line Interface (CLI) access to elevate their privileges.

Recommendations

Fortinet FortiAnalyzer versions 6.4 through 7.6.3 should be updated.
Fortinet FortiAnalyzer Cloud versions 6.4 through 7.6.2 should be updated.
Fortinet FortiManager versions 6.4 through 7.6.3 should be updated.
Fortinet FortiManager Cloud versions 6.4 through 7.6.3 should be updated.
Fortinet FortiAnalyzer versions 7.0.0 through 7.0.14 should be updated.
Fortinet FortiAnalyzer Cloud versions 7.0.1 through 7.0.14 should be updated.
Fortinet FortiManager versions 7.0.0 through 7.0.14 should be updated.
Fortinet FortiManager Cloud versions 7.0.1 through 7.0.14 should be updated.
Fortinet FortiAnalyzer versions 7.2.0 through 7.2.10 should be updated.
Fortinet FortiAnalyzer Cloud versions 7.2.1 through 7.2.10 should be updated.
Fortinet FortiManager versions 7.2.0 through 7.2.10 should be updated.
Fortinet FortiManager Cloud versions 7.2.1 through 7.2.10 should be updated.
Fortinet FortiAnalyzer versions 7.4.0 through 7.4.7 should be updated.
Fortinet FortiAnalyzer Cloud versions 7.4.1 through 7.4.7 should be updated.
Fortinet FortiManager versions 7.4.0 through 7.4.7 should be updated.
Fortinet FortiManager Cloud versions 7.4.1 through 7.4.7 should be updated.
Fortinet FortiAnalyzer versions 7.6.0 through 7.6.3 should be updated.
Fortinet FortiAnalyzer Cloud version 7.6.2 should be updated.
Fortinet FortiManager versions 7.6.0 through 7.6.3 should be updated.
Fortinet FortiManager Cloud versions 7.6.2 through 7.6.3 should be updated.

Fix

Hidden Functionality

Weakness Enumeration

Related Identifiers

BDU:2026-03037
CVE-2025-48418

Affected Products

FortiAnalyzer
FortiAnalyzer Cloud
FortiManager
FortiManager Cloud