PT-2025-41943

Name of the Vulnerable Software and Affected Versions Fortinet FortiManager Cloud versions 7.4.1 through 7.4.3 Fortinet FortiVoice versions 6.4.0 through 6.4.9 Fortinet FortiVoice versions 7.0.0 through 7.0.4 Fortinet FortiVoice versions 6.0.7 through 6.0.12 Fortinet FortiMail versions 7.4.0...

PT-2025-41940

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands...

Fortinet Fortigate FGFM protocol allows unauthenticated reset of the connection (FG-IR-24-041)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-041 advisory. - An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and...

PT-2025-41958

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.4.0 through 7.4.1 and versions prior to 7.2.8 Fortinet FortiProxy versions prior to 7.4.8 Description An improper authorization issue exists that allows an authenticated attacker to access static files of other...

PT-2025-41946

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0...

PT-2025-41955

An URL Redirection to Untrusted Site vulnerabilities CWE-601 in FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.8, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiProxy 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions; FortiSASE 25.2.a may allow an unauthenticat...

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees by combining a variety of detection technologies such as Web...

Fortinet FortiOS 日志信息泄露漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A log information...

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiWeb is a web application layer firewall, Fortinet FortiAnalyzer is a centralized network security reporting solution. A...

Fortinet Fortigate import feature (FG-IR-23-354)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-354 advisory. - A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through...

Fortinet Fortigate Insertion of Sensitive 2FA Information in logs and debug command (FG-IR-24-452)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-452 advisory. - An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS may allow an attacker with at least...

Fortinet FortiOS 安全漏洞

FortiOS is Fortinet's network operating system that provides firewall, VPN and network security features. A security vulnerability exists in Fortinet FortiOS that stems from an API interface that does not validate return values. An attacker could use this vulnerability to trigger a null pointer...

PT-2025-41947

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.2 FortiOS versions 7.4.0 through 7.4.6 FortiOS versions 7.2.0 through 7.2.10 FortiOS versions 7.0.0 through 7.0.16 FortiOS version 6.4 Description An insufficient session expiration issue exists in FortiOS SS...

Fortinet Fortigate Heap buffer overflow in websocket (FG-IR-24-546)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-546 advisory. - A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0...

Fortinet多款产品 跨站脚本漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologie...

PT-2025-41962

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.2 and below, 7.4.7 and below, 7.2.10 and below, 7.0 all versions, 6.4 all versions FortiPAM versions 1.5.0, 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions FortiProxy versions 7.6.2...

Fortinet FortiOS和Fortinet FortiProxy 安全漏洞

Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...

PT-2025-41949

Name of the Vulnerable Software and Affected Versions FortiProxy versions 7.0.1 through 7.0.21 FortiProxy versions 7.2 all versions FortiProxy versions 7.4 all versions FortiProxy versions 7.6.0 through 7.6.3 Description An improperly implemented security check may allow an authenticated proxy us...

Fortinet FortiOS和Fortinet FortiProxy 授权问题漏洞

Fortinet FortiOS is a network operating system developed by Fortinet for use in its firewall and network security appliances. A security vulnerability exists in Fortinet FortiOS that stems from a flaw in the authorization mechanism. An attacker could exploit the vulnerability to access static fil...

Fortinet Fortigate Insufficient Session Expiration in SSLVPN using SAML authentication (FG-IR-24-487)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-487 advisory. - An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2... CVE-2025-25252 Note that...