
CVSS: 8.1 | EPSS: 0% | CPEs: 11 | EXPL: 1

12 Aug 2025 — An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number. • https://github.com/allinsthon/CVE-2024-26009 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 6.8 | EPSS: 0% | CPEs: 16 | EXPL: 0

12 Aug 2025 — An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN av... • https://fortiguard.fortinet.com/psirt/FG-IR-24-364 • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.3 | EPSS: 0% | CPEs: 9 | EXPL: 0

12 Aug 2025 — A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-209 • CWE-415: Double Free •

CVSS: 8.3 | EPSS: 0% | CPEs: 5 | EXPL: 0

12 Aug 2025 — An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager. • https://fortiguard.fortinet.com/psirt/FG-IR-25-173 • CWE-266: Incorrect Privilege Assignment •

CVSS: 6.7 | EPSS: 0% | CPEs: 3 | EXPL: 0

15 Jul 2025 — A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2.4 through 7.2.11 allows an attacker to escalate their privileges via a specially crafted CLI command. • https://fortiguard.fortinet.com/psirt/FG-IR-25-026 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.3 | EPSS: 0% | CPEs: 8 | EXPL: 0

08 Jul 2025 — A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user using api-key + PKI user certificate authentication to login even if the certificate is invalid. • https://fortiguard.fortinet.com/psirt/FG-IR-24-511 • CWE-304: Missing Critical Step in Authentication •
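The FG-IR-24-511 entry describes a CWE-304 shape: an API user presents an api-key together with a PKI client certificate, and the certificate's validity never gates the decision. The following is an added illustration of that pattern beside its fix; it is not Fortinet's code, and the `ClientCert`/`ApiUser` records, the field names and the "trusted CA plus expected subject" peer model are assumptions made for the example.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Added illustration of CWE-304 (missing critical step in authentication).
# Not Fortinet's implementation: the classes, field names and the PKI peer
# model below are assumptions made for the example.


@dataclass(frozen=True)
class ClientCert:
    subject: str
    issuer: str
    not_after: datetime
    revoked: bool = False


@dataclass(frozen=True)
class ApiUser:
    name: str
    api_key: bytes
    trusted_ca: str     # issuer the presented certificate must chain to
    peer_subject: str   # subject the certificate must carry


def cert_is_valid(cert: ClientCert, user: ApiUser, now: datetime) -> bool:
    """Every certificate check the user's PKI configuration demands."""
    return (
        cert.issuer == user.trusted_ca
        and cert.subject == user.peer_subject
        and not cert.revoked
        and now < cert.not_after
    )


def key_is_valid(user: ApiUser, presented: bytes) -> bool:
    # Constant-time comparison so key checking does not leak by timing.
    return hmac.compare_digest(user.api_key, presented)


def login_vulnerable(user: ApiUser, presented_key: bytes,
                     cert: ClientCert, now: datetime) -> bool:
    """Key is checked; the certificate result is computed but never consulted."""
    if not key_is_valid(user, presented_key):
        return False
    cert_is_valid(cert, user, now)   # critical step present but its outcome is ignored
    return True


def login_fixed(user: ApiUser, presented_key: bytes,
                cert: ClientCert, now: datetime) -> bool:
    """Both factors are evaluated unconditionally and both must pass."""
    key_ok = key_is_valid(user, presented_key)
    cert_ok = cert_is_valid(cert, user, now)
    return key_ok and cert_ok


# Constructed sample data (not real keys or certificates).
NOW = datetime(2025, 8, 12, tzinfo=timezone.utc)
USER = ApiUser("api-admin", b"k3y-example", "CN=Example Issuing CA", "CN=api-admin")
GOOD_CERT = ClientCert("CN=api-admin", "CN=Example Issuing CA", NOW + timedelta(days=30))
EXPIRED_CERT = ClientCert("CN=api-admin", "CN=Example Issuing CA", NOW - timedelta(days=1))

if __name__ == "__main__":
    print("vulnerable, expired cert:", login_vulnerable(USER, b"k3y-example", EXPIRED_CERT, NOW))
    print("fixed, expired cert:     ", login_fixed(USER, b"k3y-example", EXPIRED_CERT, NOW))
    print("fixed, valid cert:       ", login_fixed(USER, b"k3y-example", GOOD_CERT, NOW))
```

The practical check this suggests for any two-factor API path is to test the negative case of each factor separately: a correct key with an expired, revoked or wrong-subject certificate must be rejected, not just a wrong key.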

CVSS: 5.3 | EPSS: 0% | CPEs: 9 | EXPL: 0

08 Jul 2025 — An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices. • https://fortiguard.fortinet.com/psirt/FG-IR-24-053 • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 5.9 | EPSS: 0% | CPEs: 7 | EXPL: 0

10 Jun 2025 — A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests. • https://fortiguard.fortinet.com/psirt/FG-IR-24-058 • CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 4.3 | EPSS: 0% | CPEs: 5 | EXPL: 0

10 Jun 2025 — An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL. • https://fortiguard.fortinet.com/psirt/FG-IR-24-257 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.2 | EPSS: 0% | CPEs: 9 | EXPL: 0

10 Jun 2025 — An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-008 • CWE-459: Incomplete Cleanup •
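Every entry above states its affected builds in the same handful of phrases ("7.4.0 through 7.4.7", "before 7.0.16", "7.2 all versions", "7.4.7 and below", a bare "version 7.6.0"), and triage means deciding whether an installed FortiOS, FortiProxy or FortiPAM build falls inside them. The following is an added example, not code from this listing or from Fortinet, that parses those phrases and answers that question for a given build. It assumes the usual reading of the phrases: "before Z" means the releases on Z's major.minor branch older than Z, "X and below" means that branch up to and including X, "X all versions" means every release starting with X, and a bare "version X" means exactly X; clauses are attributed to the most recently named product, and phrases with no version number (such as "and before &") are ignored. The two embedded descriptions are taken from the FG-IR-24-511 and FG-IR-24-364 entries above.

```python
import re
from collections import defaultdict

# Added example: evaluate Fortinet-style affected-version phrases.
# Assumed semantics (not from the advisories themselves):
#   "X through Y"     -> X <= v <= Y
#   "before Z"        -> releases on Z's major.minor branch older than Z
#   "X and below"     -> releases on X's major.minor branch up to and including X
#   "X all versions"  -> every release whose version starts with X
#   "version X" alone -> exactly X
VER = r"\d+(?:\.\d+)+"
TOKEN_RE = re.compile(
    rf"(?P<product>\b(?:FortiOS|FortiProxy|FortiPAM)\b)"
    rf"|(?P<lo>{VER})\s+through\s+(?P<hi>{VER})"
    rf"|before\s+(?:version\s+)?(?P<before>{VER})"
    rf"|(?P<all>{VER})\s+all\s+versions"
    rf"|(?:version\s+)?(?P<below>{VER})\s+and\s+below"
    # bare "version X": must not be a prefix of a longer version, and must
    # not be the start of a "through" or "and below" phrase
    rf"|version\s+(?P<exact>{VER})(?!\.?\d)(?!\s+(?:through|and\s+below))"
)


def parse_version(s: str) -> tuple:
    """'7.4.7' -> (7, 4, 7); tuples compare component-wise like versions."""
    return tuple(int(x) for x in s.split("."))


def affected_ranges(description: str) -> dict:
    """Map product name -> list of (kind, a, b) clauses found in the text.
    Each clause belongs to the most recently named product."""
    ranges = defaultdict(list)
    product = None
    for m in TOKEN_RE.finditer(description):
        if m.group("product"):
            product = m.group("product")
        elif product is None:
            continue  # version clause before any product name: nothing to attach it to
        elif m.group("lo"):
            ranges[product].append(("through", parse_version(m.group("lo")), parse_version(m.group("hi"))))
        elif m.group("before"):
            ranges[product].append(("before", parse_version(m.group("before")), None))
        elif m.group("all"):
            ranges[product].append(("all", parse_version(m.group("all")), None))
        elif m.group("below"):
            ranges[product].append(("below", parse_version(m.group("below")), None))
        elif m.group("exact"):
            ranges[product].append(("exact", parse_version(m.group("exact")), None))
    return dict(ranges)


def clause_matches(clause: tuple, v: tuple) -> bool:
    kind, a, b = clause
    if kind == "through":
        return a <= v <= b
    if kind == "before":
        return v[:2] == a[:2] and v < a
    if kind == "below":
        return v[:2] == a[:2] and v <= a
    if kind == "all":
        return v[: len(a)] == a
    return v == a  # exact


def is_affected(description: str, product: str, version: str) -> bool:
    v = parse_version(version)
    return any(clause_matches(c, v) for c in affected_ranges(description).get(product, []))


# Affected-version text quoted from the FG-IR-24-511 and FG-IR-24-364 entries in the listing.
FG_IR_24_511 = ("A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS "
                "version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 "
                "& FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and "
                "before 7.0.20 allows an API-user using api-key + PKI user certificate authentication to login.")
FG_IR_24_364 = ("An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, "
                "version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, "
                "FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, "
                "2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, "
                "1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks")

if __name__ == "__main__":
    for product, version in [("FortiOS", "7.0.15"), ("FortiOS", "7.0.16"), ("FortiProxy", "7.4.8")]:
        state = "affected" if is_affected(FG_IR_24_511, product, version) else "not affected"
        print(f"FG-IR-24-511: {product} {version}: {state}")
```

The parser deliberately fails closed in the other direction: a build on a branch the advisory does not mention (for instance FortiOS 6.4.x against FG-IR-24-511) is reported as not affected only because no clause names it, so treat "not affected" as "not listed" and confirm against the vendor PSIRT page before closing a ticket.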