How to fix CVE-2025-68648?

Within 24 hours: Inventory all FortiAnalyzer and FortiManager instances and identify those running versions 7.0-7.6.4; implement network access controls restricting administrative access to these systems. Within 7 days: Apply additional monitoring and logging to detect exploitation attempts; evaluate upgrade paths to versions 7.8 or later when available; consider isolating affected systems from untrusted networks. Within 30 days: Execute planned upgrades to patched versions; complete post-patch validation and security testing; document all compensating controls implemented during the interim period.

Is Fortimanager Cloud affected by CVE-2025-68648?

A critical format string vulnerability in Fortinet FortiAnalyzer and FortiManager versions 7.0-7.6.4 could allow attackers to execute arbitrary code or extract sensitive data from these central security management systems.

CVE-2025-68648

HIGH

2026-03-10 [email protected]

7.2

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Mar 10, 2026 - 18:18 nvd

HIGH 7.2

Description

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.7, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions may allow an attacker to escalate its privileges via specially crafted requests.

Analysis

Technical Context

This vulnerability (CWE-134: Use of Externally-Controlled Format String) affects A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0. A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiMa

Affected Products

Product: A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0. Versions: up to 7.6.4.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +36

POC: 0

CVE-2025-68648 vulnerability details – vuln.today

Back

CVE-2025-68648

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-68648

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code