CVE-2025-24477 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.2 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
fortinet	CNA	4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-122 - Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Vulnerability Media Exposure

[GERMAN] Fortinet FortiOS: Schwachstelle ermöglicht Codeausführung
Ein lokaler Angreifer kann eine Schwachstelle in Fortinet FortiOS ausnutzen, um beliebigen Programmcode auszuführen.
Published: 2025-07-08T22:00:00+00:00
[GERMAN] Fortinet schließt Sicherheitslecks in mehreren Produkten
Fortinet hat einige Sicherheitslücken in mehreren Produkten geschlossen. Eine davon gilt sogar als kritisches Risiko.
Published: 2025-07-10T09:53:00+00:00

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-026