CNNVD-202508-1255 Information
CNNVD ID
CNNVD-202508-1255
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Fortinet FortiOS等都是美国飞塔(Fortinet)公司的产品。Fortinet FortiOS是一套专用于FortiGate网络安全平台上的安全操作系统。Fortinet FortiProxy SSL VPN是一个应用软件。Fortinet FortiPAM是一款权限访问控制的平台。 Fortinet多款产品存在输入验证错误漏洞,该漏洞源于整数溢出或环绕错误,可能影响设备SSL-VPN可用性。以下产品和版本受到影响:FortiOS 7.6.2及之前版本、7.4.7及之前版本、7.2.10及之前版本、7.2所有版本、6.4所有版本、Fortinet FortiProxy SSL VPN 7.6.2及之前版本、7.4.3及之前版本、7.2所有版本、7.0所有版本、2.0所有版本和FortiPAM 1.5.0版本、1.4.2及之前版本、1.3所有版本、1.2所有版本、1.1所有版本、1.0所有版本。
Description (English)
Fortinet FortiOS and others are products of Fortinet. Fortinet FortiOS is a secure operating system dedicated to the FortiGate network security platform. Fortinet FortiProxy SSL VPN is an application. Fortinet FortiPam is a platform for access control. Fortinet multi-products have input-validation bugs, which stem from integer spills or inverting errors that may affect the availability of SSL-VPN. The following products and versions were affected: FortiOS 7.6.2 and earlier, 7.4.7 and earlier, 7.2.10 and earlier, 7.2 all versions, 6.4 all versions, Fortinet FortiProxy SSL VPN 7.6.2 and earlier, 7.4.3 and earlier, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM 1.5.0, 1.4.2 and earlier, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
飞塔
Published
2025-08-12
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-364 https://access.redhat.com/security/cve/cve-2025-25248
Patch
https://docs.fortinet.com/upgrade-tool/fortigate
Share on: