VYPR
Low severity1.9NVD Advisory· Published Nov 18, 2025· Updated Jun 9, 2026

CVE-2025-54821

CVE-2025-54821

Description

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*range: >=7.0.0,<7.6.4
    • cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions
  • Fortinet/Fortios3 versions
    cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*range: >=6.4.0,<7.6.4
    • cpe:2.3:o:fortinet:fortios:7.6.3:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions
  • Fortinet/Fortipam3 versions
    cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*range: >=1.0.0,<1.6.1
    • cpe:2.3:o:fortinet:fortipam:1.6.0:*:*:*:*:*:*:*range: 1.6.0
    • (no CPE)range: 1.6.0, 1.5 all versions, 1.4 all versions, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.