CVE-2025-53843

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...

CVE-2025-53843

CVE-2025-53843 describes a stack-based buffer overflow in Fortinet FortiOS that affects FortiOS 6.4 and 7.x series (notably 7.6.0–7.6.3, 7.4.0–7.4.8, and all 7.2/7.0). The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted packets, with network access ...

CVE-2025-53843

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...

EUVD-2025-198006

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...

CVE-2025-53843

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets...

EUVD-2025-198008

An Improper Privilege Management vulnerability CWE-269 in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions,...

CVE-2025-58413

CVE-2025-58413 is a stack-based buffer overflow in Fortinet FortiOS (versions 6.0–7.6.3) and FortiSASE 25.3.b that allows an attacker to execute unauthorized code or commands via specially crafted packets. Related sources describe a CAPWAP daemon vulnerability enabling a remote, unauthenticated a...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...

CVE-2025-58413

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute...

CVE-2025-54821

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3...

EUVD-2025-198009

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute unauthorized code or...

CVE-2025-54821

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3...

PT-2025-47356

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4 through 7.6.3 Fortinet FortiOS version 7.0 Fortinet FortiOS version 7.2 Fortinet FortiOS versions 7.4.0 through 7.4.8 Fortinet FortiOS versions 7.6.0 through 7.6.3 Description A stack-based buffer overflow exists ...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A securit...

Fortinet FortiOS 缓冲区错误漏洞

Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A buffer...

PT-2025-47362

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.0 through 7.6.3 FortiSASE version 25.3.b Description A stack-based buffer overflow exists in Fortinet FortiOS and FortiSASE. This issue may allow remote code execution by attackers. The vulnerability is triggered by...

PT-2025-47358

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4 through 7.6.3 Fortinet FortiPAM versions 1.0 through 1.6.0 Fortinet FortiProxy versions 7.0 through 7.6.3 Description An Improper Privilege Management issue exists that may allow an authenticated administrator to...

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees by combining a variety of detection technologies such as Web...

Fortinet Fortigate Stack buffer overflow in CAPWAP daemon (FG-IR-25-358)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-358 advisory. - A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7...

Vulnerabilities fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. The vulnerabilities include a stack-based buffer overflow that allows authenticated attackers to execute unauthorized code via specially crafted CLI commands. In addition, there are issues with incorrect certificate validation that all...