CVE-2025-22258

Summary

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiPAM1.5.0affected
FortinetFortiPAM1.4.0 <= 1.4.2affected
FortinetFortiPAM1.3.0 <= 1.3.1affected
FortinetFortiPAM1.2.0affected
FortinetFortiPAM1.1.0 <= 1.1.2affected
FortinetFortiPAM1.0.0 <= 1.0.3affected
FortinetFortiOS7.6.0 <= 7.6.2affected
FortinetFortiOS7.4.0 <= 7.4.6affected
FortinetFortiOS7.2.0 <= 7.2.10affected
FortinetFortiOS7.0.2 <= 7.0.16affected
FortinetFortiSRA1.5.0affected
FortinetFortiSRA1.4.0 <= 1.4.2affected
FortinetFortiProxy7.6.0 <= 7.6.1affected
FortinetFortiProxy7.4.0 <= 7.4.7affected
FortinetFortiSwitchManager7.2.1 <= 7.2.5affected

Weaknesses

  • CWE-122: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References