How severe is CVE-2025-25249?

CVE-2025-25249 has a CVSS v3 score of 8.1 (HIGH).

CVE-2025-25249

Name: fortios
Author: fortinet

8.1HIGH

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.1

Veröffentlicht: 1/13/2026Aktualisiert: 1/14/2026

Beschreibung

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSASE 25.2.b, FortiSASE 25.1.a.2, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets

KI-AnalyseKI-gestützt

Betroffene Produkte

fortinetfortios

fortinetfortiswitchmanager

fortinetfortisase

25.1.39

fortinetfortisase

25.1.51

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-25-084
Vendor Advisory