CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jul 16, 2025

CVE-2019-6693

High

EPSS 72.2%CISA KEVRansomware

Description

Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key.

EPSS — Exploit Probability

72.2%

Higher than 98.7% of all CVEs

Required Action

https://fortiguard.com/advisory/FG-IR-19-007 ; https://nvd.nist.gov/vuln/detail/CVE-2019-6693

Risk Assessment

CRITICAL

In CISA KEV

High EPSS

Ransomware

Details

Severity: High
EPSS: 72.2%
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Jun 25, 2025

Added to KEV

Jun 25, 2025

Remediation Due

Jul 16, 2025

Affected Product

Fortinet

FortiOS

View all Fortinet CVEs

External Links

NVD (NIST)CVE Details MITRE CVE