How severe is CVE-2025-46373?

CVE-2025-46373 has a CVSS v3 score of 7.8 (HIGH).

CVE-2025-46373

Name: forticlient
Author: fortinet

7.8HIGH

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec use

Veröffentlicht: 11/18/2025Aktualisiert: 12/16/2025

Beschreibung

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips_74.sys". The attacker would need to bypass the Windows heap integrity protections

CVE-2025-46373

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec use

Beschreibung

KI-AnalyseKI-gestützt

Betroffene Produkte

Referenzen