CVE-2025-53844

Summary

A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS7.6.0 <= 7.6.3affected
FortinetFortiOS7.4.0 <= 7.4.8affected
FortinetFortiOS7.2.0 <= 7.2.11affected
FortinetFortiOS7.0.0 <= 7.0.17affected
FortinetFortiOS6.4.0 <= 6.4.16affected
FortinetFortiOS6.2.0 <= 6.2.17affected
FortinetFortiOS6.0.0 <= 6.0.18affected

Weaknesses

  • CWE-787: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

Additional References

References