CVE-2025-22254

EUVD-2025-17796

10.06.2025, 17:21

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiWeb 7.6.0 through 7.6.1, FortiWeb 7.4.0 through 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.6 MEDIUM	NETWORK	HIGH	HIGH	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
fortinet	CNA	6.5 MEDIUM	NETWORK	HIGH	HIGH	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 19%

Affected Products (NVD)

Vendor	Product	Version
fortinet	fortios	6.4.0 ≤ 𝑥 < 6.4.16
fortinet	fortios	7.0.0 ≤ 𝑥 < 7.0.17
fortinet	fortios	7.2.0 ≤ 𝑥 < 7.2.11
fortinet	fortios	7.4.0 ≤ 𝑥 < 7.4.7
fortinet	fortios	7.6.0 ≤ 𝑥 < 7.6.2
fortinet	fortiproxy	7.4.0 ≤ 𝑥 < 7.4.8
fortinet	fortiproxy	7.6.0 ≤ 𝑥 < 7.6.2
fortinet	fortiweb	7.4.0 ≤ 𝑥 < 7.4.7
fortinet	fortiweb	7.6.0 ≤ 𝑥 < 7.6.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-006