Fortinet Fortigate Firewall session injection in FGSP (FG-IR-24-287)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-287 advisory. - An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 throug...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. Fortinet FortiOS...

PT-2025-24714 · Fortinet +1 · Fortiproxy +3

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.6.0 through 7.6.1 Fortinet FortiOS versions 7.4.0 through 7.4.6 Fortinet FortiOS versions 7.2.0 through 7.2.10 Fortinet FortiOS versions 7.0.0 through 7.0.16 Fortinet FortiOS version before 6.4.15 FortiProxy versio...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security...

Fortinet Fortigate SSH key is added even if operation is aborted (FG-IR-23-008)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-008 advisory. - An incomplete cleanup vulnerability CWE-459 in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2...

Fortinet FortiOS和Fortinet FortiProxy 安全漏洞

Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...

Fortinet FortiOS SSL-VPN 代码问题漏洞

Fortinet FortiOS SSL-VPN is a VPN software from Fortinet, Inc. A code issue vulnerability exists in Fortinet FortiOS SSL-VPN version 7.6.0, 7.4.6 and below, 7.2.10 and below, all versions of 7.0, and all versions of 6.4, which stems from an insufficient session expiration, and could allow an...

PT-2025-24709 · Fortinet · Fortios Ssl-Vpn +1

Name of the Vulnerable Software and Affected Versions: FortiOS SSL-VPN versions 7.6.0, 7.4.6 and below, 7.2.10 and below, 7.0 all versions, 6.4 all versions Description: The issue is related to an Insufficient Session Expiration, which may allow an attacker with a cookie used to log in to the...

PT-2025-24705 · Fortinet · Fortios +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.2.3 FortiProxy versions 7.2.0 through 7.2.2 FortiProxy versions prior to 7.0.8 Description: An incomplete cleanup issue allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI...

PT-2025-24710 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.0.0 through 7.0.13 Fortinet FortiOS versions 7.2.0 through 7.2.7 Fortinet FortiOS versions 7.4.0 through 7.4.3 Fortinet FortiProxy versions 7.0.0 through 7.0.15 Fortinet FortiProxy versions 7.2.0 through 7.2.9...

Fortinet FortiOS 信息泄露漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An information...

PT-2025-26328

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.2 FortiProxy versions 7.2 Description: An authentication bypass issue exists in FortiOS and FortiProxy due to a flaw in the Automation Stitch component. An authenticated attacker can elevate privileges by triggering a...

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. Fortinet FortiWeb is a web application layer firewall, Fortinet FortiProxy is a secure web proxy that protects employees from cyberattac...

Fortinet FortiOS 信任管理问题漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A trust management...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A securit...

PT-2025-24716 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.6.1 and below FortiOS versions 7.4.7 and below Description: The issue is related to an Improper Certificate Validation, which may allow an EAP verified remote user to connect from FortiClient via a revoked certificate...

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

CVE-2025-47295

A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's contr...

CVE-2025-47294

A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request...

CVE-2025-47294

A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request...