VYPR
Medium severity5.3NVD Advisory· Published Aug 12, 2025· Updated Jun 9, 2026

CVE-2025-25248

CVE-2025-25248

Description

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*range: >=2.0.0,<7.4.4
    • (no CPE)range: <=7.6.2, <=7.4.3, 7.2, 7.0, 2.0
    • (no CPE)range: 7.6.0
  • Fortinet/Fortios3 versions
    cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*range: >=6.4.0,<7.2.11
    • cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: <=7.6.2, <=7.4.7, <=7.2.10, 7.2, 6.4
  • Fortinet/Fortipam3 versions
    cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*range: >=1.0.0,<1.4.3
    • cpe:2.3:o:fortinet:fortipam:1.5.0:*:*:*:*:*:*:*
    • (no CPE)range: 1.5.0, <=1.4.2, 1.3, 1.2, 1.1, 1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.