CNNVD-202511-2026 Information

CNNVD ID

CNNVD-202511-2026

CVE-2025-53843

  • CNNVD Published: 2025-11-18

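Description (Chinese, translated)

Fortinet FortiOS is a security operating system from the US company Fortinet, built specifically for the FortiGate network security platform. It provides users with a range of security functions, including firewall, antivirus, IPSec/SSL VPN, web content filtering and anti-spam. Fortinet FortiOS contains a security vulnerability that stems from a stack-based buffer overflow and may lead to the execution of unauthorized code or commands. The following versions are affected: 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, all 7.2 versions, all 7.0 versions and all 6.4 versions.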

Description (English)

Fortinet FortiOS is a security operating system developed by the US company Fortinet for the FortiGate network security platform. The system provides a wide range of security features, including firewall, antivirus, IPSec/SSL VPN, web content filtering and anti-spam. Fortinet FortiOS has a vulnerability caused by a stack-based buffer overflow, which may lead to the execution of unauthorized code or commands. The following versions are affected: 7.6.0 to 7.6.3, 7.4.0 to 7.4.8, all 7.2 versions, all 7.0 versions and all 6.4 versions.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

Fortinet

Published

2025-11-18

Last Modified

2026-02-24

References

  • https://fortiguard.fortinet.com/psirt/FG-IR-25-358
  • https://access.redhat.com/security/cve/cve-2025-53843
  • https://vigilance.fr/vulnerability/FortiOS-buffer-overflow-via-CAPWAP-Daemon-48809

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-358
