CVE-2025-22258_CVE-2025-22258

5.7 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:W/RC:R

Description

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests.

Basic Information

ID CVE-2025-22258

Source fortinet

Published Oct 14, 2025 at 15:22

Affected Product

Vendor Fortinet

Product FortiSRA

Version 1.5.0

Affected Versions Fortinet FortiSRA 1.5.0
Fortinet FortiSRA 1.4.0
Fortinet FortiSwitchManager 7.2.1
Fortinet FortiProxy 7.6.0
Fortinet FortiProxy 7.4.0
Fortinet FortiOS 7.6.0
Fortinet FortiOS 7.4.0
Fortinet FortiOS 7.2.0
Fortinet FortiOS 7.0.2
Fortinet FortiPAM 1.5.0
Fortinet FortiPAM 1.4.0
Fortinet FortiPAM 1.3.0
Fortinet FortiPAM 1.2.0
Fortinet FortiPAM 1.1.0
Fortinet FortiPAM 1.0.0

CWE Classification

CWE-122

References

fortiguard.fortinet.com /psirt/FG-IR-24-546

{
    "lastseen": "",
    "description": "A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests.",
    "published": "2025-10-14T15:22:56.720Z",
    "modified": "2025-10-14T15:22:56.720Z",
    "type": "cve",
    "title": "CVE-2025-22258",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-24-546",
    "id": "CVE-2025-22258",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiSRA 1.5.0\nFortinet FortiSRA 1.4.0\nFortinet FortiSwitchManager 7.2.1\nFortinet FortiProxy 7.6.0\nFortinet FortiProxy 7.4.0\nFortinet FortiOS 7.6.0\nFortinet FortiOS 7.4.0\nFortinet FortiOS 7.2.0\nFortinet FortiOS 7.0.2\nFortinet FortiPAM 1.5.0\nFortinet FortiPAM 1.4.0\nFortinet FortiPAM 1.3.0\nFortinet FortiPAM 1.2.0\nFortinet FortiPAM 1.1.0\nFortinet FortiPAM 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:W/RC:R",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiSRA",
    "version": "1.5.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}