AI description
CVE-2019-6693 involves the use of a hard-coded cryptographic key within Fortinet's FortiOS, FortiManager, and FortiAnalyzer. This key is used to encrypt sensitive data in CLI configurations and backup files. An attacker with access to these configurations or backup files can decrypt the data, including user passwords (excluding the administrator's password), private keys' passphrases, and High Availability passwords, by using the hard-coded key. The vulnerability affects FortiOS versions up to 6.2.0, 6.0.0 to 6.0.6, and 5.6.10, as well as specific versions of FortiManager and FortiAnalyzer. Fortinet has released updates that allow administrators to enable a setting that prompts for a user-defined cryptographic key, which is then used to encrypt sensitive data, mitigating the risk.
- Description
- Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Data from CISA
- Vulnerability name
- Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
- Exploit added on
- Jun 25, 2025
- Exploit action due
- Jul 16, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- CWE-798
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBDD29F8-B339-4C3B-AF3F-77BB3D323D1D",
"versionEndIncluding": "5.6.10"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FA4CED9-EAB9-4FE4-B058-CC4D3E03C520",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72C437B7-75F8-4DDC-9670-19E2C21ACB27"
}
],
"operator": "OR"
}
]
}
]