CVE-2025-68482

CVE Database · CVE-2025-68482

CVE-2025-68482

· MEDIUMAnalyzed

CVSS v3.1

6.9

EPSS

0.18%

Published

Mar 10, 2026

Modified

Mar 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Weaknesses (CWE)

CWE-295

Affected Products (4)

fortinet · fortimanager (up to 7.4.9)vulnerable

fortinet · fortimanager (up to 7.6.5)vulnerable

fortinet · fortianalyzer (up to 7.4.9)vulnerable

fortinet · fortianalyzer (up to 7.6.5)vulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-26-078

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs