CVE-2025-25253
Published: 2025-10-14 · Last updated: 2026-06-09
Severity and scoring
- CVSS: 7.5 HIGH
- Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE: CWE-297
Affected products
| Vendor | Product |
|---|---|
| fortinet | fortios, fortiproxy |
Description
An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in the ZTNA proxy of FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions, and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow an unauthenticated attacker in a man-in-the-middle position to intercept and tamper with connections to the ZTNA proxy.
Source: NVD
Related CVEs
Same vendor
- CVE-2026-49938 — An improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all... (6.5 MEDIUM)
- CVE-2026-25089 — An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSandbox 5.0.0... (9.8 CRITICAL)
- CVE-2025-67862 — An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] in Fortinet FortiOS 7.6.0 through ... (6.7 MEDIUM)
- CVE-2026-44277 — An improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through ... (9.8 CRITICAL)
- CVE-2026-25690 — An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 throu... (4.3 MEDIUM)
Same CWE
- CVE-2026-44393 — An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0 (7.4 HIGH)
- CVE-2026-35563 — It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDA... (8.5 HIGH)
- CVE-2026-42790 — Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints ... (8.1 HIGH)
- CVE-2026-44467 — The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side (6.8 MEDIUM)
- CVE-2024-12925 — Improper Validation of Certificate with Host Mismatch vulnerability in Akınsoft QR Menü allows HTTP Response Splitting (7.3 HIGH)