CVE-2024-50568
CVE-2024-50568 affects Fortinet FortiOS and FortiProxy: a non-endpoint channel vulnerability (CWE-300) allows an unauthenticated attacker with device-specific data to spoof the identity of a downstream device in the security fabric via crafted TCP requests. Affected versions include FortiOS 7.0.0...
CVE-2023-29184
CVE-2023-29184 describes an incomplete cleanup (CWE-459) vulnerability affecting Fortinet FortiOS and FortiProxy. Affected: FortiOS 7.2 all versions and earlier, and FortiProxy 7.2.0–7.2.2 and before 7.0.8. Exploitation allows a VDOM-privileged attacker to silently add SSH key files via crafted C...
CVE-2025-25250
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL...
CVE-2023-29184
An incomplete cleanup vulnerability CWE-459 in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests...
CVE-2025-25250
FortiOS contains an Information Disclosure vulnerability (CWE-200) affecting SSL-VPN web-mode that can allow an authenticated user to view full SSL-VPN settings via a crafted URL. Affected versions include FortiOS 7.6.0, 7.4.7 and earlier, and all 7.2/7.0/6.4 releases. CVSSv3.1 base score 4.3 (Ne...
CVE-2025-24471
An Improper Certificate Validation vulnerability CWE-295 in FortiOS version 7.6.1 and below, version 7.4.7 and below may allow an EAP verified remote user to connect from FortiClient via revoked certificate...
CVE-2025-24471
CVE-2025-24471 : FortiOS contains an improper certificate validation flaw (CWE-295) that could let an EAP-enabled remote user connect from FortiClient using a revoked certificate. Affected versions are FortiOS 7.6.1 and earlier and 7.4.7 and earlier. The underlying issue is certificate validation...
CVE-2025-22254
CVE-2025-22254 affects Fortinet FortiOS (7.6.0–7.6.1, 7.4.0–7.4.6, 7.2.0–7.2.10, 7.0.0–7.0.16, 6.4.0–6.4.15), FortiProxy (7.6.0–7.6.1, 7.4.0–7.4.7) and FortiWeb (7.6.0–7.6.1, 7.4.0–7.4.6). Root cause: Improper Privilege Management (CWE-269) allowing an authenticated user with at least read-only a...
CVE-2025-22254
An Improper Privilege Management vulnerability CWE-269 in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...
CVE-2025-22251
An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...
CVE-2025-22251
FortiOS CVE-2025-22251: An improper restriction of the FGSP session synchronization channel allows an unauthenticated attacker to inject unauthorized sessions. Affected FortiOS versions are 7.6.0, 7.4.0–7.4.5, 7.2 all versions, 7.0 all versions, and 6.4 all versions. This CWE-923 issue can enable...
CVE-2024-50562
CVE-2024-50562 is an Insufficient Session Expiration (CWE-613) in FortiOS SSL-VPN. A stolen cookie could allow a logged-out/expired session to re-authenticate. Affected FortiOS/FortiSASE: FortiOS 7.6.0 (fixed in 7.6.1), 7.4.0–7.4.7 (fixed in 7.4.8), 7.2.0–7.2.10 (fixed in 7.2.11), and all 7.0 an...
CVE-2024-50562
An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session...
PT-2025-24713 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4 through 7.6.0; FortiOS version 7.4.0 through 7.4.5.
Description: The issue is related to an improper restriction of communication channel to intended endpoints, which may allow an unauthenticated attacker to inject...
PT-2025-24717 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4 and earlier; FortiOS versions 7.0 and earlier; FortiOS versions 7.2 and earlier; FortiOS versions 7.4.7 and earlier; FortiOS version 7.6.0.
Description: The issue allows an authenticated user to access full SSL-VPN settings vi...