How severe is CVE-2025-25249?

CVE-2025-25249 has a CVSS v3 score of 8.1 (HIGH).

CVE-2025-25249

Name: fortios
Author: fortinet

8.1HIGH

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.1

Publicado: 1/13/2026Atualizado: 1/14/2026

Descrição

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSASE 25.2.b, FortiSASE 25.1.a.2, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortios

fortinetfortiswitchmanager

fortinetfortisase

25.1.39

fortinetfortisase

25.1.51

Referências

https://fortiguard.fortinet.com/psirt/FG-IR-25-084
Vendor Advisory