{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-25249", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2025-02-05T13:31:18.866Z", "datePublished": "2026-01-13T16:32:35.662Z", "dateUpdated": "2026-06-09T09:02:09.750Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiSwitchManager", "cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.2", "lessThanOrEqual": "7.2.5", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiOS", "cpes": ["cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.2", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.7", "status": "affected"}, {"versionType": "semver", "version": "7.2.4", "lessThanOrEqual": "7.2.11", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets"}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-02-23T08:51:58.404Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-122", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to FortiSwitchManager version 7.2.7 or above\nUpgrade to FortiSwitchManager version 7.0.6 or above\nFortinet remediated this issue in FortiSASE version 25.2.c and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSASE version 25.1.b and hence customers do not need to perform any action.\nUpgrade to upcoming FortiOS version 8.0.0 or above\nUpgrade to FortiOS version 7.6.4 or above\nUpgrade to FortiOS version 7.4.9 or above\nUpgrade to FortiOS version 7.2.12 or above\nUpgrade to FortiOS version 7.0.18 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-25249", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-14T04:57:25.533277Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:04:42.502Z"}}, {"x_adpType": "supplier", "providerMetadata": {"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-06-09T09:02:09.750Z"}, "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM APE1808", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-864900.html"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"affected": [{"vendor": "Siemens", "product": "RUGGEDCOM APE1808", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "x_adpType": "supplier", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-864900.html"}], "providerMetadata": {"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-06-09T09:02:09.750Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-25249", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-14T04:57:25.533277Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T21:41:25.570Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiSwitchManager", "versions": [{"status": "affected", "version": "7.2.2", "versionType": "semver", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiOS", "versions": [{"status": "affected", "version": "7.6.0", "versionType": "semver", "lessThanOrEqual": "7.6.2"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.7"}, {"status": "affected", "version": "7.2.4", "versionType": "semver", "lessThanOrEqual": "7.2.11"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to FortiSwitchManager version 7.2.7 or above\nUpgrade to FortiSwitchManager version 7.0.6 or above\nFortinet remediated this issue in FortiSASE version 25.2.c and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSASE version 25.1.b and hence customers do not need to perform any action.\nUpgrade to upcoming FortiOS version 8.0.0 or above\nUpgrade to FortiOS version 7.6.4 or above\nUpgrade to FortiOS version 7.4.9 or above\nUpgrade to FortiOS version 7.2.12 or above\nUpgrade to FortiOS version 7.0.18 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084"}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "Execute unauthorized code or commands"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-02-23T08:51:58.404Z"}}}, "cveMetadata": {"cveId": "CVE-2025-25249", "state": "PUBLISHED", "dateUpdated": "2026-06-09T09:02:09.750Z", "dateReserved": "2025-02-05T13:31:18.866Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2026-01-13T16:32:35.662Z", "assignerShortName": "fortinet"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "129406C1-A2FA-4289-8009-8AEEFEF14AAC", "versionEndExcluding": "6.4.17", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCEB8B8A-797C-4E5E-BCDB-A54EB83AD8A2", "versionEndExcluding": "7.0.18", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8FAAA2E-7A53-4F6B-A9C7-1E2B4CB5F7EB", "versionEndExcluding": "7.2.12", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "2093EFE3-4B7F-4806-9850-C42B26BC64AC", "versionEndExcluding": "7.4.9", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1C30E0D-7F09-42D2-9EB1-E2196BD50D75", "versionEndExcluding": "7.6.4", "versionStartIncluding": "7.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1B9AA70-BB46-403B-94C1-D94C64E22334", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE22A407-02CB-4979-A38D-9EBAFEB350F6", "versionEndExcluding": "7.2.7", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortisase:25.1.39:*:*:*:-:*:*:*", "matchCriteriaId": "77B84900-E96D-4E2C-8797-B1460E71874E", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisase:25.1.51:*:*:*:-:*:*:*", "matchCriteriaId": "12A8EE3F-EEAF-460D-B2DB-551509DF0814", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets"}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer basado en mont\u00edculo en Fortinet FortiOS 7.6.0 a 7.6.3, FortiOS 7.4.0 a 7.4.8, FortiOS 7.2.0 a 7.2.11, FortiOS 7.0.0 a 7.0.17, FortiOS 6.4.0 a 6.4.16, FortiSwitchManager 7.2.0 a 7.2.6, FortiSwitchManager 7.0.0 a 7.0.5 permite al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de paquetes especialmente dise\u00f1ados."}], "id": "CVE-2025-25249", "lastModified": "2026-06-09T10:16:34.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-13T17:15:56.910", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-084"}, {"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "url": "https://cert-portal.siemens.com/productcert/html/ssa-864900.html"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "psirt@fortinet.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}