Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Jan 14, 2026
CVE-2025-59808
CVE-2025-59808
Description
An unverified password change vulnerability [CWE-620] vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an attacker who has already gained access to a victim's user account to reset the account credentials without being prompted for the account's password
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:fortinet:fortisoaron-premise:7.6.2:*:*:*:*:*:*:*Range: 7.6.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.