How severe is CVE-2025-47855?

CVE-2025-47855 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-47855

9.8CRITICAL

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 through 3.0.23 allows an unauthenticated attacker to o

Veröffentlicht: 1/13/2026Aktualisiert: 1/14/2026

Beschreibung

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 through 3.0.23 allows an unauthenticated attacker to obtain the device configuration via crafted HTTP or HTTPS requests.

KI-AnalyseKI-gestützt

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-25-260