Unrated severity · NVD Advisory · Published Oct 14, 2025 · Updated Feb 26, 2026
CVE-2025-22258
Description
A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted HTTP requests.
Affected products (10)
cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:* range: 7.6.0
- (no CPE) range: = 7.6.0 - 7.6.1, 7.4.0 - 7.4.7
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:* range: 7.2.1
- (no CPE) range: = 7.2.1 - 7.2.5