7 matches found
Vulnerability fixed in Fortinet FortiOS
Fortinet has fixed a vulnerability in FortiOS FortiSASE and FortiSwitchManager specifically. The vulnerability is located in the cwacd daemon in FortiOS and FortiSwitchManager. This daemon is vulnerable to exploitation by remote, unauthenticated attackers. By sending specially crafted packets or...
CVE-2025-25249
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to...
CVE-2025-49201
A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSwitchManager 7.2.0 through 7.2.4 allows attacker to execute unauthorized code or commands...
CVE-2024-26008
An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...
PT-2025-41956
Name of the Vulnerable Software and Affected Versions Fortinet FortiPAM versions 1.0.0 through 1.5.0 Fortinet FortiSwitchManager versions 7.2.0 through 7.2.4 Description A weak authentication mechanism exists in Fortinet FortiPAM and FortiSwitchManager. This allows an attacker to execute arbitrar...
PT-2023-3234 · Fortinet · Fortiproxy +2
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.12 and earlier, 7.0.0 through 7.0.9 FortiOS versions 7.2.0 through 7.2.3 FortiProxy versions 7.0.0 through 7.0.7 FortiProxy versions 7.2.0 through 7.2.1 FortiSwitchManager versions 7.0.0 through 7.0.1 and earlier...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...