Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Allowing Privilege Escalation

Vulnerability

Exploited

A vulnerability allowing authentication bypass via an alternate path or channel has been identified in Fortinet FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.2.0 to 7.2.12, as well as FortiOS 7.0.0 through 7.0.19. This vulnerability may enable a remote attacker to gain super-admin privileges by sending crafted CSF proxy requests.

Impact

Exploitation of this vulnerability could lead to unauthorized super-admin privileges on the affected system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

8.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

8.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

Fortinet FortiOS

Fortinet FortiProxy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating