CNNVD-202510-1977 Information
CNNVD ID
CNNVD-202510-1977
Related CVE
- CNNVD Published: 2025-10-14
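Description (translated from Chinese)
Fortinet FortiOS and the other products listed here are products of Fortinet, a US company. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform. Fortinet FortiPAM is a privileged access control platform. Fortinet FortiSRA is secure remote access software. Multiple Fortinet products contain a security vulnerability that stems from a heap buffer overflow and may lead to privilege escalation. The following products and versions are affected: FortiSRA 1.5.0 and 1.4.0 through 1.4.2; FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, and 1.0.0 through 1.0.3; FortiProxy 7.6.0 through 7.6.1 and 7.4.0 through 7.4.7; FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, and 7.0.2 through 7.0.16; FortiSwitchManager 7.2.1 through 7.2.5.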
Description (English)
Fortinet FortiOS and others are products of Fortinet. Fortinet FortiOS is a secure operating system dedicated to the FortiGate network security platform. Fortinet FortiPAM is a platform for privileged access control. Fortinet FortiSRA is secure remote access software. Multiple Fortinet products contain a security vulnerability caused by a heap buffer overflow, which could lead to privilege escalation. The following products and versions are affected: FortiSRA version 1.5.0 and versions 1.4.0 to 1.4.2; FortiPAM version 1.5.0, versions 1.4.0 to 1.4.2, versions 1.3.0 to 1.3.1, version 1.2.0, versions 1.1.0 to 1.1.2, and versions 1.0.0 to 1.0.3; FortiProxy versions 7.6.0 to 7.6.1 and versions 7.4.0 to 7.4.7; FortiOS versions 7.6.0 to 7.6.2, versions 7.4.0 to 7.4.6, versions 7.2.0 to 7.2.10, and versions 7.0.2 to 7.0.16; and FortiSwitchManager versions 7.2.1 to 7.2.5.
Hazard Level
Low
Vulnerability Type
Other
Affected Vendor
Fortinet
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-546
https://access.redhat.com/security/cve/cve-2025-22258
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-24-546