How severe is CVE-2025-62631?

CVE-2025-62631 has a CVSS v3 score of 5.6 (MEDIUM).

CVE-2025-62631

Name: fortios
Author: fortinet

5.6MEDIUM

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to main

Publicado: 12/9/2025Actualizado: 1/14/2026

Descripción

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under particular conditions outside of the attacker's control

Análisis IAImpulsado por IA

Productos Afectados

fortinetfortios

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-25-411
Vendor Advisory