CVE-2025-46775 is an information disclosure vulnerability identified in multiple versions of Fortinet's FortiExtender product line, specifically versions 7.0.0, 7.2.x, 7.4.x, and 7.6.0 through 7.6.1. FortiExtender devices are used to extend network connectivity, often leveraging cellular networks for WAN failover or primary connectivity in enterprise environments. The vulnerability stems from debug messages that inadvertently expose sensitive information, including administrator credentials, when debug log commands are executed. An authenticated user with low privileges (PR:L) can exploit this by issuing debug commands to retrieve these credentials without requiring any user interaction (UI:N). The CVSS v3.1 base score is 5.2, reflecting a medium severity level due to the limited attack vector (local access required) and the requirement for authentication, but with a high impact on confidentiality (C:H). The vulnerability does not affect integrity or availability. No public exploits have been reported yet, but the presence of administrator credentials in debug logs poses a significant risk if an attacker gains authenticated access. The scope of the vulnerability is limited to the FortiExtender devices running the affected versions. The issue highlights the risk of excessive debug information exposure in network devices, which can be leveraged for privilege escalation or lateral movement within a network.

For European organizations, this vulnerability could lead to unauthorized disclosure of administrator credentials for FortiExtender devices, potentially allowing attackers to gain elevated access to network infrastructure. This could facilitate further attacks such as network interception, configuration manipulation, or persistent access. Given FortiExtender's role in providing cellular WAN connectivity and network extension, compromise could disrupt critical communications or expose sensitive data traversing these devices. Sectors such as telecommunications, finance, government, and critical infrastructure that rely on Fortinet products for secure connectivity are particularly at risk. The confidentiality breach could undermine trust in network security and lead to regulatory compliance issues under GDPR if personal or sensitive data is exposed. Although exploitation requires authenticated access, insider threats or compromised low-privilege accounts could leverage this vulnerability to escalate privileges. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers often develop exploits after public disclosure.

European organizations should implement the following specific mitigations: 1) Restrict access to FortiExtender management interfaces and debug commands strictly to trusted administrators using strong authentication mechanisms such as multi-factor authentication (MFA). 2) Monitor and audit all access to debug logs and command execution to detect any unauthorized or suspicious activity promptly. 3) Disable debug logging or limit debug verbosity on production devices to minimize exposure of sensitive information. 4) Apply vendor patches or updates as soon as Fortinet releases fixes addressing this vulnerability. 5) Segment FortiExtender devices within the network to limit lateral movement if credentials are compromised. 6) Conduct regular security reviews and penetration testing focusing on device management interfaces. 7) Educate administrators about the risks of exposing sensitive information through debug logs and enforce strict operational security policies. These measures go beyond generic advice by focusing on operational controls around debug command usage and access restrictions tailored to FortiExtender deployments.