Security News

Cybersecurity news aggregator

MEDIUM Vulnerabilities Fortinet PSIRT

Privilege escalation using undocumented CLI command

  • What: Privilege escalation via undocumented CLI command
  • Impact: May allow authenticated admins to escalate privileges

Summary

An Inclusion of Undocumented Features [CWE-1242] in FortiManager and FortiAnalyzer CLI may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.

| Version | Affected | Solution |
|---|---|---|
| FortiAnalyzer 7.6 | 7.6.0 through 7.6.3 | Upgrade to 7.6.4 or above |
| FortiAnalyzer 7.4 | 7.4.0 through 7.4.7 | Upgrade to 7.4.8 or above |
| FortiAnalyzer 7.2 | 7.2.0 through 7.2.10 | Upgrade to 7.2.11 or above |
| FortiAnalyzer 7.0 | 7.0.0 through 7.0.14 | Upgrade to 7.0.15 or above |
| FortiAnalyzer 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiAnalyzer Cloud 7.6 | 7.6.2 | Upgrade to 7.6.4 or above |
| FortiAnalyzer Cloud 7.4 | 7.4.1 through 7.4.7 | Upgrade to 7.4.8 or above |
| FortiAnalyzer Cloud 7.2 | 7.2.1 through 7.2.10 | Upgrade to 7.2.11 or above |
| FortiAnalyzer Cloud 7.0 | 7.0.1 through 7.0.14 | Upgrade to 7.0.15 or above |
| FortiAnalyzer Cloud 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiManager 7.6 | 7.6.0 through 7.6.3 | Upgrade to 7.6.4 or above |
| FortiManager 7.4 | 7.4.0 through 7.4.7 | Upgrade to 7.4.8 or above |
| FortiManager 7.2 | 7.2.0 through 7.2.10 | Upgrade to 7.2.11 or above |
| FortiManager 7.0 | 7.0.0 through 7.0.14 | Upgrade to 7.0.15 or above |
| FortiManager 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiManager Cloud 7.6 | 7.6.2 through 7.6.3 | Upgrade to 7.6.4 or above |
| FortiManager Cloud 7.4 | 7.4.1 through 7.4.7 | Upgrade to 7.4.8 or above |
| FortiManager Cloud 7.2 | 7.2.1 through 7.2.10 | Upgrade to 7.2.11 or above |
| FortiManager Cloud 7.0 | 7.0.1 through 7.0.14 | Upgrade to 7.0.15 or above |
| FortiManager Cloud 6.4 | 6.4 all versions | Migrate to a fixed release |

Acknowledgement

Discovered during an independent source code audit commissioned by Fortinet.

Timeline

2026-03-10: Initial publication

  • IR Number: FG-IR-26-081
  • Published Date: Mar 10, 2026
  • Component: CLI
  • Severity: Medium
  • CVSSv3 Score: 6.4
  • Impact: Escalation of privilege
  • CVE ID: CVE-2025-48418
