CNNVD-202508-1251 Information
CNNVD ID
CNNVD-202508-1251
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Fortinet FortiOS等都是美国飞塔(Fortinet)公司的产品。Fortinet FortiOS是一套专用于FortiGate网络安全平台上的安全操作系统。Fortinet FortiProxy是一种安全的网络代理,通过结合多种检测技术,如Web过滤、DNS过滤、DLP、反病毒、入侵防御和高级威胁保护,可以保护员工免受网络攻击。FortiProxy有助于减少带宽需求,并通过内容和视频缓存优化网络。Fortinet FortiPAM是一款权限访问控制的平台。 Fortinet多款产品存在安全漏洞,该漏洞源于身份验证绕过,可能导致设备被控制。以下产品和版本受到影响:FortiOS 6.4.0至6.4.15版本和6.2.16之前版本、FortiProxy 7.4.0至7.4.2版本、7.2.0至7.2.8版本和7.0.15之前版本和FortiPAM 1.2.0之前版本。
Description (English)
Fortinet FortiOS and others are products of Fortinet. Fortinet FortiOS is a secure operating system dedicated to the FortiGate network security platform. Fortinet FortiProxy is a secure network agent who can protect employees from cyberattacks by combining multiple detection techniques such as Web filtering, DNS filtering, DLP, anti-virus, invasion defense and advanced threat protection. FortiProxy helps reduce bandwidth demand and optimizes the network through content and video caches. Fortinet FortiPam is a platform for access control. There is a safety gap in Fortinet ’ s multiple products, which stems from the circumvention of identification, which may lead to the equipment being controlled. The following products and versions were affected: FortiOS, versions 6.4.0 to 6.4.15 and pre-6.2.16, FortiProxy, versions 7.4.0 to 7.4.2, versions 7.2.0 to 7.2.8 and pre-7.0.15 and pre-FortiPAM 1.2.0.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-08-12
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-042 https://access.redhat.com/security/cve/cve-2024-26009
Patch
https://docs.fortinet.com/upgrade-tool/fortigate
Share on: