How severe is CVE-2025-62631?

CVE-2025-62631 has a CVSS v3 score of 5.6 (MEDIUM).

CVE-2025-62631

Name: fortios
Author: fortinet

5.6MEDIUM

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to main

Publicado: 12/9/2025Atualizado: 1/14/2026

Descrição

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under particular conditions outside of the attacker's control

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortios

Referências

https://fortiguard.fortinet.com/psirt/FG-IR-25-411
Vendor Advisory