CISA has issued a essential warning concerning a Fortinet FortiOS vulnerability that poses vital dangers to community safety infrastructure.
On June 25, 2025, CISA added CVE-2019-6693 to its Identified Exploited Vulnerabilities (KEV) catalog, indicating that this hard-coded credentials flaw is being actively exploited in real-world assaults.
Organizations utilizing Fortinet FortiOS methods now face a compulsory remediation deadline of July 16, 2025, as mandated by federal cybersecurity directives.
Abstract
1. CISA added CVE-2019-6693 to its Identified Exploited Vulnerabilities catalog on June 25, 2025, confirming energetic exploitation of Fortinet FortiOS methods in real-world assaults.
2. The vulnerability includes hard-coded encryption keys that enables attackers to decrypt delicate information from FortiOS configuration backup information.
3.Organizations utilizing affected Fortinet FortiOS methods have till July 16, 2025, to implement vendor mitigations or discontinue product use.
Arduous-Coded Credential Vulnerability
The inclusion of CVE-2019-6693 in CISA’s KEV catalog represents a major escalation within the risk panorama surrounding Fortinet’s FortiOS working system.
This vulnerability, labeled beneath CWE-798 (Use of Arduous-coded Credentials), has demonstrated energetic exploitation patterns that prompted federal cybersecurity authorities to mandate a direct organizational response.
This vulnerability permits risk actors to decipher delicate information contained inside FortiOS configuration backup information by way of data of the hard-coded encryption key.
The exploitation mechanism depends on attackers having access to these backup information after which leveraging the predictable cryptographic key to decrypt delicate configuration information.
The technical classification beneath CWE-798 signifies this vulnerability represents a broader class of safety weaknesses the place software program comprises hard-coded credentials that can’t be modified with out modifying the supply code.
Within the context of FortiOS methods, which means that default encryption keys used for configuration backups stay static and predictable throughout installations.
Risk actors with data of those keys can probably entry delicate community configuration information, person credentials, and different essential safety parameters saved inside backup information.
The KEV catalog serves because the authoritative supply for vulnerabilities which were confirmed as exploited within the wild, making this designation notably regarding for community defenders and cybersecurity professionals.
The addition of this Fortinet vulnerability underscores the essential nature of hard-coded credential weaknesses in enterprise community infrastructure.
Federal businesses and significant infrastructure operators should deal with this designation as a high-priority safety concern requiring instant consideration and useful resource allocation.
Danger FactorsDetailsAffected ProductsFortinet FortiOS ImpactAttackers decrypt delicate information in FortiOS configuration backup information by way of data of hard-coded encryption keyExploit Stipulations– Entry to FortiOS configuration backup files- Information of hard-coded encryption key- Skill to course of encrypted backup dataCVSS 3.1 Score6.5 (Medium)
Mitigations
Organizations working Fortinet FortiOS methods should implement vendor-provided mitigations earlier than the July 16, 2025, deadline established by CISA.
The remediation necessities comply with relevant Binding Operational Directive (BOD) 22-01 steerage for cloud providers, emphasizing the federal authorities’s dedication to proactive vulnerability administration throughout essential infrastructure sectors.
Community directors ought to instantly seek the advice of Fortinet’s safety advisory FG-IR-19-007 for particular mitigation procedures and patch availability.
Organizations unable to implement sufficient mitigations are directed to discontinue use of affected merchandise till correct safety measures might be established.
This timeline displays the intense nature of energetic exploitation and the potential for continued risk actor exercise concentrating on susceptible FortiOS installations throughout enterprise networks.
Examine stay malware conduct, hint each step of an assault, and make sooner, smarter safety choices -> Attempt ANY.RUN now
.webp?ssl=1 "Cybercriminals Exploit Microsoft Tools in New Phishing Scheme")