A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15, 6.2.0 through 6.2.17, FortiManager Cloud 7.6.2, 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiAnalyzer Cloud 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiProxy 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.12, 7.0.0 through 7.0.19, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiAnalyzer 7.6.0 through 7.6.2, 7.4.0 through 7.4.5, 7.2.0 through 7.2.8, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12, FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via specifically crafted requests.
2025-10-14T16:15:35.673
2025-10-15T17:34:34.157
Analyzed
CVSSv3.1: 7.2 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortianalyzer | < 7.0.14 | Yes |
| Application | fortinet | fortianalyzer | < 7.2.10 | Yes |
| Application | fortinet | fortianalyzer | < 7.4.6 | Yes |
| Application | fortinet | fortianalyzer | < 7.6.3 | Yes |
| Application | fortinet | fortianalyzer_cloud | < 7.0.14 | Yes |
| Application | fortinet | fortianalyzer_cloud | < 7.2.10 | Yes |
| Application | fortinet | fortianalyzer_cloud | < 7.4.6 | Yes |
| Application | fortinet | fortimanager | < 7.0.14 | Yes |
| Application | fortinet | fortimanager | < 7.2.10 | Yes |
| Application | fortinet | fortimanager | < 7.4.6 | Yes |
| Application | fortinet | fortimanager | < 7.6.2 | Yes |
| Application | fortinet | fortimanager_cloud | < 7.0.14 | Yes |
| Application | fortinet | fortimanager_cloud | < 7.2.10 | Yes |
| Application | fortinet | fortimanager_cloud | < 7.4.6 | Yes |
| Application | fortinet | fortimanager_cloud | 7.6.2 | Yes |
| Operating System | fortinet | fortios | < 6.4.16 | Yes |
| Operating System | fortinet | fortios | < 7.0.17 | Yes |
| Operating System | fortinet | fortios | < 7.2.11 | Yes |
| Operating System | fortinet | fortios | < 7.4.7 | Yes |
| Operating System | fortinet | fortios | < 7.6.3 | Yes |
| Application | fortinet | fortiproxy | < 7.0.20 | Yes |
| Application | fortinet | fortiproxy | < 7.2.13 | Yes |
| Application | fortinet | fortiproxy | < 7.4.8 | Yes |
| Application | fortinet | fortiproxy | 7.6.0 | Yes |