Fortinet Products Heap-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A heap-based buffer overflow vulnerability has been identified in multiple Fortinet products, including FortiOS, FortiManager, FortiAnalyzer, FortiManager Cloud, FortiAnalyzer Cloud, and FortiProxy. Several versions and version ranges of these products are affected. The issue allows an authenticated attacker to execute unauthorized code or commands by sending specially crafted requests.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code or commands on the affected system.

Remediation

Users are advised to upgrade to the latest versions of the affected Fortinet products. Specific upgrade recommendations vary by product and version, with some users needing to migrate to a fixed release. Detailed upgrade paths can be found using Fortinet's upgrade tool.

Added: Oct 14, 2025, 4:34 PM
Updated: Oct 14, 2025, 11:13 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.