CVE-2019-6693
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2019-6693. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
Available Exploits
Related News
Affected Products
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Ransomware Risk
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: April 4, 2024
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
🔥 Top 10 Trending CVEs (27/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-20282](https://nvd.nist.gov/vuln/detail/CVE-2025-20282)** - 📝 A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then …
CISA Flags Major Flaws in AMI MegaRAC, D-Link, and Fortinet Devices **CISA has added three critical security vulnerabilities to its KEV catalog, affecting popular devices from AMI, D-Link, and Fortinet with active exploitation reported.** **Key Points:** - CVE-2024-54085 could allow attackers to take full control of AMI MegaRAC devices. - …
CISA Issues Urgent Warning on Fortinet FortiOS Vulnerability **A critical vulnerability in Fortinet's FortiOS is actively exploited, putting organizations at risk of data breaches.** **Key Points:** - CISA added CVE-2019-6693 to its Known Exploited Vulnerabilities catalog on June 25, 2025. - The vulnerability allows attackers to decrypt sensitive data from …
🔥 Top 10 Trending CVEs (26/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-6543](https://nvd.nist.gov/vuln/detail/CVE-2025-6543)** - 📝 Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway whenconfigured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP …
CISA has flagged three new actively exploited vulnerabilities * AMI MegaRAC (CVE-2024-54085): Remote takeover * D-Link DIR-859 (CVE-2024-0769): Unpatched, end-of-life * FortiOS (CVE-2019-6693): Used by Akira ransomware Federal deadline to patch is July 16, 2025.