vulnerability
Fortinet FortiOS: Integer Overflow or Wraparound (CVE-2025-25248)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:S/C:N/I:N/A:C) | Aug 15, 2025 | Aug 15, 2025 | Aug 15, 2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:S/C:N/I:N/A:C)
Published
Aug 15, 2025
Added
Aug 15, 2025
Modified
Aug 15, 2025
Description
An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.
Solutions
fortios-upgrade-7_2_11fortios-upgrade-7_4_8fortios-upgrade-7_6_3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.