CVE-2025-25248

5.3 MEDIUM

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and...

Published: 2025-08-12 · Last updated: 2026-06-09

Severity and scoring

CVSS: 5.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-190

Affected products

Vendor	Product
fortinet	fortios, fortipam, fortiproxy

Description

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-25248
[Vendor advisory]https://fortiguard.fortinet.com/psirt/FG-IR-24-364
[Other]https://cert-portal.siemens.com/productcert/html/ssa-864900.html

Related CVEs

Same vendor

CVE-2026-49938 — A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all... (6.5 MEDIUM)
CVE-2026-25089 — A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0... (9.8 CRITICAL)
CVE-2025-67862 — An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through ... (6.7 MEDIUM)
CVE-2026-44277 — A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through ... (9.8 CRITICAL)
CVE-2026-25690 — An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 throu... (4.3 MEDIUM)

Same CWE

CVE-2026-10649 — A flaw was found in Pacemaker (8.6 HIGH)
CVE-2026-53705 — A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good (7.6 HIGH)
CVE-2026-52722 — A signed integer overflow vulnerability was found in GStreamer's VMnc decoder (7.1 HIGH)
CVE-2025-55647 — An Out-of-Memory in the mp4_mux_cenc_insert_pssh function (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of ... (5.5 MEDIUM)
CVE-2026-6045 — LibreOffice can import EMF+ graphics, which may be embedded in documents