Fortinet FortiOS Buffer Over-Read Vulnerability in FGFM Daemon Allowing Denial-of-Service

Vulnerability

A buffer over-read vulnerability has been identified in Fortinet FortiOS versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, and 7.0.0 through 7.0.14. This vulnerability may allow a remote, unauthenticated attacker to crash the FGFM daemon by sending a specially crafted request, under rare conditions that are beyond the attacker's control.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, causing the FGFM daemon to crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiOS Buffer Over-Read Vulnerability in FGFM Daemon Allowing Denial-of-Service

Vulnerability

Impact

Affected Products

Fortinet FortiOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating