CVE-2025-53379

Summary

A out-of-bounds read vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.2, FortiAuthenticator 6.5 all versions may allow a remote unauthenticated attacker to retrieve sensitive information via a specially crafted request.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiAuthenticator6.6.0 <= 6.6.2affected
FortinetFortiAuthenticator6.5.0 <= 6.5.7affected
FortinetFortiAuthenticator6.4.0 <= 6.4.11affected
FortinetFortiAuthenticator6.3.0 <= 6.3.5affected

Weaknesses

  • CWE-125: Information disclosure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References