Platform
fortinet
Component
fortianalyzer
Fixed in
7.6.5
7.4.9
7.2.13
7.0.17
6.4.16
7.6.5
7.4.9
7.2.13
7.0.17
6.4.16
7.6.4
7.4.8
7.2.11
7.0.15
6.4.8
7.6.3
7.4.8
7.2.11
7.0.15
6.4.8
CVE-2025-68482 describes an improper certificate validation vulnerability discovered in Fortinet FortiAnalyzer and FortiManager. This flaw allows a remote, unauthenticated attacker to potentially intercept and view confidential information through a man-in-the-middle (MiTM) attack. The vulnerability impacts FortiAnalyzer versions 6.4 through 7.6.4, as well as FortiManager versions 6.4 through 7.6.4. A fix is available via updated versions.
The primary impact of CVE-2025-68482 is the potential for unauthorized access to sensitive data. An attacker positioned as a MiTM can intercept network traffic between a client and the FortiAnalyzer/FortiManager appliance. Because certificate validation is inadequate, the attacker can present a forged certificate, effectively impersonating the legitimate appliance. This allows them to decrypt and view confidential information transmitted over the network, such as user credentials, configuration data, and security logs. The scope of data exposure depends on the network configuration and the types of data processed by the FortiAnalyzer/FortiManager. Successful exploitation could lead to significant data breaches and compromise the integrity of the security infrastructure.
CVE-2025-68482 was published on 2026-03-10. The vulnerability's severity is rated as MEDIUM. No public proof-of-concept (PoC) code has been publicly released as of the publication date. The vulnerability is not currently listed on CISA's Known Exploited Vulnerabilities (KEV) catalog. The EPSS score is pending evaluation.
Exploit Status
EPSS
0.02% (4% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-68482 is to upgrade FortiAnalyzer and FortiManager to a patched version. Fortinet has not released specific fixed versions in the provided data, so consult Fortinet's security advisories for the latest available patches. If upgrading immediately is not possible, consider implementing network segmentation to limit the potential impact of a successful attack. Additionally, enforce strict certificate pinning policies where feasible to further strengthen certificate validation. Monitor network traffic for suspicious MiTM activity. While not a direct fix, ensuring strong network security practices can reduce the likelihood of exploitation.
Update FortiAnalyzer to a version later than 7.6.4, 7.4.8, 7.2.12, 7.0.16, and 6.4.15, as appropriate, to correct the improper certificate validation. This will mitigate the risk of Man-in-the-Middle (MitM) attacks and potential viewing of confidential information.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-68482 is a MEDIUM severity vulnerability in Fortinet FortiAnalyzer and FortiManager allowing a MiTM attack to expose confidential information due to improper certificate validation.
You are affected if you are running FortiAnalyzer or FortiManager versions 6.4 through 7.6.4. Check your version and upgrade as soon as possible.
Upgrade to a patched version of FortiAnalyzer or FortiManager. Consult Fortinet's security advisories for the latest available patches.
As of the publication date, there are no confirmed reports of active exploitation, but the vulnerability is publicly known.
Refer to the official Fortinet security advisory for CVE-2025-68482 on the Fortinet support website.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.