{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-25249", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2025-02-05T13:31:18.866Z", "datePublished": "2026-01-13T16:32:35.662Z", "dateUpdated": "2026-01-13T16:32:35.662Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiSwitchManager", "cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.2", "lessThanOrEqual": "7.2.5", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiSASE", "cpes": ["cpe:2.3:a:fortinet:fortisase:25.1.a.2:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "25.1.a.2", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiOS", "cpes": ["cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.2", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.7", "status": "affected"}, {"versionType": "semver", "version": "7.2.4", "lessThanOrEqual": "7.2.11", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSASE 25.2.b, FortiSASE 25.1.a.2, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets"}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-01-13T16:32:35.662Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-122", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to FortiSwitchManager version 7.2.7 or above\nUpgrade to FortiSwitchManager version 7.0.6 or above\nFortinet remediated this issue in FortiSASE version 25.2.c and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSASE version 25.1.b and hence customers do not need to perform any action.\nUpgrade to upcoming FortiOS version 8.0.0 or above\nUpgrade to FortiOS version 7.6.4 or above\nUpgrade to FortiOS version 7.4.9 or above\nUpgrade to FortiOS version 7.2.12 or above\nUpgrade to FortiOS version 7.0.18 or above\nUpgrade to upcoming FortiOS version 6.4.17 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSASE 25.2.b, FortiSASE 25.1.a.2, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets"}], "id": "CVE-2025-25249", "lastModified": "2026-01-13T17:15:56.910", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2026-01-13T17:15:56.910", "references": [{"source": "psirt@fortinet.com", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}

{}