CVE-2025-53744

7.2 HIGH

An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7....

Published: 2025-08-12 · Last updated: 2026-06-09

Severity and scoring

CVSS: 7.2 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-266

Affected products

Vendor	Product
fortinet	fortios

Description

An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-53744
[Vendor advisory]https://fortiguard.fortinet.com/psirt/FG-IR-25-173
[Other]https://cert-portal.siemens.com/productcert/html/ssa-864900.html

Related CVEs

Same vendor

CVE-2026-49938 — A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all... (6.5 MEDIUM)
CVE-2026-25089 — A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0... (9.8 CRITICAL)
CVE-2025-67862 — An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through ... (6.7 MEDIUM)
CVE-2026-44277 — A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through ... (9.8 CRITICAL)
CVE-2026-25690 — An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 throu... (4.3 MEDIUM)

Same CWE

CVE-2026-53862 — OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with... (4.2 MEDIUM)
CVE-2026-53847 — OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators wit... (5.4 MEDIUM)
CVE-2026-49780 — Customer Privilege Escalation in Dokan <= 5.0.2 versions (8.8 HIGH)
CVE-2026-49083 — Contributor Privilege Escalation in LatePoint <= 5.5.1 versions (7.5 HIGH)
CVE-2026-49063 — Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions (7.3 HIGH)