
PEACH
Uma estrutura de isolamento de inquilino
CVE-2025-55717 is a cleartext storage of sensitive information vulnerability (CWE-312) affecting Fortinet FortiMail, FortiRecorder, and FortiVoice products. Sensitive information — specifically user secrets — is stored in plaintext within debug logs, allowing an authenticated malicious administrator to retrieve them via CLI commands. Affected versions include FortiMail 7.0.0–7.0.8, 7.2.0–7.2.7, 7.4.0–7.4.4, and 7.6.0–7.6.2; FortiRecorder 6.4 (all versions), 7.0 (all versions), and 7.2.0–7.2.3; and FortiVoice 7.0.0–7.0.6 and 7.2.0. The vulnerability was discovered through an independent audit commissioned by Fortinet and publicly disclosed on March 10, 2026. It carries a CVSSv3.1 base score of 3.8–4.0 (Low/Medium) due to the high privilege requirement and local attack vector (FortiGuard PSIRT, Red Hat CVE).
The root cause is CWE-312 (Cleartext Storage of Sensitive Information): user secrets and passwords are written in plaintext to debug logs rather than being masked or encrypted. An authenticated administrator can access these logs via CLI commands on the affected device, exposing credentials that should be protected at rest. Exploitation requires local access to the device and an active administrator session, making the attack complexity high and limiting practical exploitability. No external network access or special protocol manipulation is required — the attacker simply reads debug log content through standard CLI interfaces (FortiGuard PSIRT).
Successful exploitation results in a high-confidentiality-impact breach: an authenticated administrator can extract user secrets and plaintext credentials stored in debug logs, potentially compromising user authentication data across the affected system. There is no integrity or availability impact. While the scope is limited to the local device and requires elevated privileges, exposed credentials could be leveraged for lateral movement or privilege escalation within the broader environment if reused elsewhere (FortiGuard PSIRT, Red Hat CVE).
Fortinet has released patched versions for all affected products. Upgrade to the following fixed releases: FortiMail 7.6.3 or later, 7.4.5 or later, 7.2.8 or later, or 7.0.9 or later (depending on branch); FortiRecorder 7.2.4 or later (FortiRecorder 6.4 and 7.0 users must migrate to a fixed release branch); FortiVoice 7.2.1 or later, or 7.0.7 or later. Patches were released on March 12, 2026. As interim mitigations, restrict administrative CLI access to trusted personnel only, implement multi-factor authentication for administrator accounts, and audit systems for any unauthorized administrative access. Monitor administrative CLI command usage for anomalous log-access activity (FortiGuard PSIRT).
The vulnerability was discovered through an internal audit commissioned by Fortinet, indicating proactive security review practices. Community and media attention has been limited given the low CVSS score and high exploitation prerequisites. Automated CVE tracking services such as VulDB and radar.offseq.com indexed the vulnerability shortly after disclosure, and it was noted on social platforms via CVEnew. No significant researcher commentary or major media coverage has been identified (FortiGuard PSIRT).
Origem: Este relatório foi gerado usando IA
Avaliação de vulnerabilidade gratuita
Avalie suas práticas de segurança na nuvem em 9 domínios de segurança para comparar seu nível de risco e identificar lacunas em suas defesas.
Marque uma demonstração personalizada
"A melhor experiência do usuário que eu já vi, fornece visibilidade total para cargas de trabalho na nuvem."
"A Wiz fornece um único painel de vidro para ver o que está acontecendo em nossos ambientes de nuvem."
"Sabemos que se a Wiz identifica algo como crítico, na verdade é."