Primary

Context

Fortinet FortiOS Stack-Based Buffer Overflow Vulnerability Allowing Unauthorized Code Execution

Vulnerability

Patched

A stack-based buffer overflow vulnerability has been identified in Fortinet FortiOS versions 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, and all versions of FortiOS 7.2, 7.0, and 6.4. This vulnerability allows remote authenticated attackers to execute arbitrary code or commands as a low-privileged user by sending specially crafted packets. Exploitation requires significant preparation due to stack protection and Address Space Layout Randomization (ASLR), and the attacker must impersonate an authorized FortiAP or FortiExtender.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution or command execution on the affected device.

Remediation

Users can upgrade Fortinet FortiOS to version 7.6.4 or above, 7.4.9 or above, or migrate to a fixed release for FortiOS 7.2, 7.0, or 6.4. Follow the recommended upgrade path using the Fortinet upgrade tool.

Added: Nov 18, 2025, 5:31 PM

Updated: Nov 18, 2025, 5:31 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

4.3

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

4.3

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiOS Stack-Based Buffer Overflow Vulnerability Allowing Unauthorized Code Execution

Vulnerability

Impact

Remediation

Affected Products

Fortinet FortiOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating