Fortinet Products Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing the insertion of sensitive information into sent data has been identified in multiple Fortinet products, including FortiManager Cloud, FortiVoice, FortiMail, FortiOS, FortiWeb, FortiRecorder, FortiNDR, FortiPAM, FortiTester, and FortiProxy. This vulnerability affects various versions across these products, with the exception of certain FortiManager, FortiNDR, FortiPAM, FortiTester, FortiVoice, and FortiWeb versions. The issue allows a remote authenticated attacker to disclose sensitive information by sending specially crafted packets, potentially leading to the unauthorized reading of small, non-arbitrary parts of memory.

Impact

Exploitation of this vulnerability could result in unauthorized disclosure of sensitive information, allowing attackers to read small and non-arbitrary parts of memory.

Remediation

Users can upgrade to the latest versions or migrate to fixed releases, depending on the specific Fortinet product. Detailed upgrade instructions are available on the Fortinet documentation site.

Added: Oct 14, 2025, 4:35 PM
Updated: Oct 14, 2025, 11:15 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.