3.2

CVE-2026-25815

EPSS 0%
Veröffentlicht 05.02.2026 21:14:09
Zuletzt bearbeitet 06.02.2026 15:14:47
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key is the same across all customers' installations). NOTE: the Supplier's position is that the instance of CWE-1394 is not a vulnerability because customers "are supposed to enable" a non-default option that eliminates the weakness. However, that non-default option can disrupt functionality as shown in the "Managing FortiGates with private data encryption" document, and is therefore intentionally not a default option.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerFortinet

≫

Produkt FortiOS

Default Statusunknown

Version <= 7.6.6

Version 0

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0%	0.001

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
cve@mitre.org	3.2	1.4	1.4	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE-1394 Use of Default Cryptographic Key

The product uses a default cryptographic key for potentially critical functionality.

https://www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connection-passwords

https://docs.fortinet.com/document/fortimanager/7.6.6/administration-guide/30332/managing-fortigates-with-private-data-encryption

https://nvd.nist.gov/vuln/detail/CVE-2026-25815

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-25815

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-25815

EUVD