CVE-2025-54821

LOW(1.9)

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Risk Signal Score5/100 — NIEDRIG

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

1.9

Technische Schwere

Beschreibung

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-25-545
https://cert-portal.siemens.com/productcert/html/ssa-864900.html