CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 1CVE-2024-26009
https://notcve.org/view.php?id=CVE-2024-26009
12 Aug 2025 — An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number. An authentication bypass using an alternate pa... • https://github.com/allinsthon/CVE-2024-26009 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-25248
https://notcve.org/view.php?id=CVE-2025-25248
12 Aug 2025 — An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN av... • https://fortiguard.fortinet.com/psirt/FG-IR-24-364 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-45584
https://notcve.org/view.php?id=CVE-2023-45584
12 Aug 2025 — A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-209 • CWE-415: Double Free •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-53744
https://notcve.org/view.php?id=CVE-2025-53744
12 Aug 2025 — An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager. • https://fortiguard.fortinet.com/psirt/FG-IR-25-173 • CWE-266: Incorrect Privilege Assignment •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-55599
https://notcve.org/view.php?id=CVE-2024-55599
08 Jul 2025 — An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices. • https://fortiguard.fortinet.com/psirt/FG-IR-24-053 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50568
https://notcve.org/view.php?id=CVE-2024-50568
10 Jun 2025 — A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests. • https://fortiguard.fortinet.com/psirt/FG-IR-24-058 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-25250
https://notcve.org/view.php?id=CVE-2025-25250
10 Jun 2025 — An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL. • https://fortiguard.fortinet.com/psirt/FG-IR-24-257 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.2EPSS: 0%CPEs: 9EXPL: 0CVE-2023-29184
https://notcve.org/view.php?id=CVE-2023-29184
10 Jun 2025 — An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-008 • CWE-459: Incomplete Cleanup •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-22254
https://notcve.org/view.php?id=CVE-2025-22254
10 Jun 2025 — An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16 and before 6.4.15, FortiProxy version 7.6.0 through 7.6.1 and before 7.4.7 & FortiWeb version 7.6.0 through 7.6.1 and before 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module. An Improper Privilege Management vulnerability [... • https://fortiguard.fortinet.com/psirt/FG-IR-25-006 • CWE-269: Improper Privilege Management •
CVSS: 3.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-22251
https://notcve.org/view.php?id=CVE-2025-22251
10 Jun 2025 — An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets. • https://fortiguard.fortinet.com/psirt/FG-IR-24-287 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •