EUVD-2025-202274

An insufficient session expiration vulnerability CWE-613 in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under...

CVE-2025-62631

An insufficient session expiration vulnerability CWE-613 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's passwor...

CVE-2025-62631

Fortinet FortiOS versions affected by CVE-2025-62631: FortiOS 7.4.0, all 7.2 versions, all 7.0 versions, and all 6.4 versions. The issue is an insufficient session expiration (CWE-613) that lets an attacker maintain access to network resources via an active SSLVPN session not terminated after a u...

Fortinet Fortigate Insertion of sensitive information into REST API logs (FG-IR-24-268)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-268 advisory. - An insertion of sensitive information into log file vulnerability CWE-532 in FortiOS 7.4.0... CVE-2024-47570 Note that Ness...

Fortinet多款产品 日志信息泄露漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform.Fortinet FortiPAM is a platform for privilege access control.Fortinet FortiSRA is a secure remote access software. A log information...

PT-2025-50118

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.0.0 through 7.0.17 FortiOS versions 7.2.0 through 7.2.11 FortiOS versions 7.4.0 through 7.4.8 FortiOS versions 7.6.0 through 7.6.3 FortiProxy versions 7.0.0 through 7.0.21 FortiProxy versions 7.2.0 through 7.2.14 FortiProxy...

Fortinet FortiOS 代码问题漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A code issue...

PT-2025-50125

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4, 7.0, 7.2, and 7.4.0 Description An insufficient session expiration exists in Fortinet FortiOS. Specifically, an active SSLVPN session may not terminate after a user’s password change under certain conditions. Thi...

Fortinet多款产品 数据伪造问题漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologie...

Fortinet FortiWeb SSO Login Authentication Bypass (FG-IR-25-647)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-25-647 advisory. - An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0,... CVE-2025-59719 - A...

Fortinet Fortigate SSO Login Authentication Bypass (FG-IR-25-647)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-25-647 advisory. - An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0,... CVE-2025-59719 - ...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...

CVE-2025-54821

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3...

CVE-2025-53843

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...

Vulnerabilities fixed in Fortinet FortiOS

Fortinet has fixed vulnerabilities in FortiOS multiple versions. The vulnerabilities include a stack-based buffer overflow that allows attackers to execute unauthorized code or commands by sending specially crafted packets. A specific vulnerability in the FortiOS CAPWAP daemon allows a remote,...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...

CVE-2025-54821

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3...

CVE-2025-54821

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3...

CVE-2025-53843

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...