How severe is CVE-2025-25249?

CVE-2025-25249 has a CVSS v3 score of 8.1 (HIGH).

CVE-2025-25249

Name: fortios
Author: fortinet

8.1HIGH

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.1

Publicado: 1/13/2026Actualizado: 1/14/2026

Descripción

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSASE 25.2.b, FortiSASE 25.1.a.2, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets

Análisis IAImpulsado por IA

Productos Afectados

fortinetfortios

fortinetfortiswitchmanager

fortinetfortisase

25.1.39

fortinetfortisase

25.1.51

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-25-084
Vendor Advisory