CVE-2025-58413_CVE-2025-58413

6.9 / 10

MEDIUM

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C

Description

A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute unauthorized code or commands via specially crafted packets

Basic Information

ID CVE-2025-58413

Source fortinet

Published Nov 18, 2025 at 17:01

Modified Nov 18, 2025 at 20:04

Affected Product

Vendor Fortinet

Product FortiSASE

Version 25.3.b

Affected Versions Fortinet FortiSASE 25.3.b
Fortinet FortiOS 7.6.0
Fortinet FortiOS 7.4.0
Fortinet FortiOS 7.2.0
Fortinet FortiOS 7.0.0
Fortinet FortiOS 6.4.0
Fortinet FortiOS 6.2.0
Fortinet FortiOS 6.0.0

CWE Classification

CWE-121

References

fortiguard.fortinet.com /psirt/FG-IR-25-632

{
    "lastseen": "",
    "description": "A stack-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute unauthorized code or commands via specially crafted packets",
    "published": "2025-11-18T17:01:22.032Z",
    "modified": "2025-11-18T20:04:36.431Z",
    "type": "cve",
    "title": "CVE-2025-58413",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-632",
    "id": "CVE-2025-58413",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiSASE 25.3.b\nFortinet FortiOS 7.6.0\nFortinet FortiOS 7.4.0\nFortinet FortiOS 7.2.0\nFortinet FortiOS 7.0.0\nFortinet FortiOS 6.4.0\nFortinet FortiOS 6.2.0\nFortinet FortiOS 6.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiSASE",
    "version": "25.3.b",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}