CVE-2025-25248

Summary

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS7.6.0 <= 7.6.2affected
FortinetFortiOS7.4.0 <= 7.4.7affected
FortinetFortiOS7.2.0 <= 7.2.10affected
FortinetFortiOS7.0.0 <= 7.0.17affected
FortinetFortiOS6.4.0 <= 6.4.16affected
FortinetFortiPAM1.5.0affected
FortinetFortiPAM1.4.0 <= 1.4.2affected
FortinetFortiPAM1.3.0 <= 1.3.1affected
FortinetFortiPAM1.2.0affected
FortinetFortiPAM1.1.0 <= 1.1.2affected
FortinetFortiPAM1.0.0 <= 1.0.3affected
FortinetFortiProxy7.6.0 <= 7.6.2affected
FortinetFortiProxy7.4.0 <= 7.4.3affected
FortinetFortiProxy7.2.0 <= 7.2.14affected
FortinetFortiProxy7.0.0 <= 7.0.21affected
FortinetFortiProxy2.0.0 <= 2.0.14affected

Weaknesses

  • CWE-190: Denial of service

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

Additional References

References