Fortinet FortiOS SSLVPN Web Portal Out-of-Bounds Read Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the FortiOS SSLVPN web portal. This issue arises from an out-of-bounds read vulnerability, allowing an authenticated attacker to disrupt the SSLVPN web portal's functionality. The vulnerability is present in FortiOS SSLVPN web portal versions 7.4.0 to 7.4.4, 7.2.0 to 7.2.8, all versions of 7.0, and all versions of 6.4. The issue can be exploited by sending a specially crafted URL to the SSLVPN web portal.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the SSLVPN web portal, causing it to become unresponsive or unavailable.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiOS SSLVPN Web Portal Out-of-Bounds Read Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

Fortinet FortiOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating