CVE-2025-54027: 
WordPress vulnerability analysis and mitigation

A Use of Hard-coded Cryptographic Key vulnerability (CVE-2024-54027) was discovered in FortiSandbox affecting multiple versions including 5.0.0, versions 4.4.6 and below, 4.2.7 and below, 4.0.5 and below, 3.2.4 and below, 3.1.5 and below, and versions 3.0.7 to 3.0.5. The vulnerability was initially disclosed on March 11, 2025, and was internally discovered by Adham El karn of the Fortinet Product Security team (Fortinet Advisory).

The vulnerability is classified as a Use of Hard-coded Cryptographic Key issue (CWE-321) that affects the remote backup server password encryption functionality. The CVSS v3.1 base score varies between sources, with the NVD assigning a score of 4.4 (MEDIUM) with vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, while Fortinet rates it at 8.2 (HIGH) with vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (NVD).

The vulnerability may allow a privileged attacker with super-admin profile and CLI access to read sensitive data via CLI. This could potentially compromise the confidentiality and integrity of sensitive information stored in the affected FortiSandbox systems (Fortinet Advisory).

Fortinet has released fixes for all affected versions. Users are advised to upgrade to the following versions: FortiSandbox 5.0.1 or above for 5.0.0, 4.4.7 or above for versions 4.4.0-4.4.6, 4.2.8 or above for versions 4.2.0-4.2.7, 4.0.6 or above for versions 4.0.0-4.0.5. For FortiSandbox 3.2, 3.1, and 3.0 versions, users should migrate to a fixed release (Fortinet Advisory).