Cleartext Storage Vulnerability in Fortinet FortiPAM Products
CVE-2025-61713

3.8LOW

Key Information:

Vendor: Fortinet
Status: Fortipam
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-61713?

A vulnerability in Fortinet FortiPAM allows authenticated users with read-write admin privileges to potentially expose sensitive administrator credentials. Through the use of diagnose commands, attackers could access stored credentials, compromising security measures and the integrity of the system. Organizations using affected versions of FortiPAM should assess their configurations and implement necessary mitigations.

Affected Version(s)

FortiPAM 1.6.0

FortiPAM 1.5.0 <= 1.5.1

FortiPAM 1.4.0 <= 1.4.3

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-789

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Sep 30, 2025

JSON