A out-of-bounds read vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.2, FortiAuthenticator 6.5 all versions may allow a remote unauthenticated attacker to retrieve sensitive information via a specially crafted request.
History

Tue, 14 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 14 Jul 2026 15:45:00 +0000

Type Values Removed Values Added
Description A out-of-bounds read vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.2, FortiAuthenticator 6.5 all versions may allow a remote unauthenticated attacker to retrieve sensitive information via a specially crafted request.
First Time appeared Fortinet
Fortinet fortiauthenticator
Weaknesses CWE-125
CPEs cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.3.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.3.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.4.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.5.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.6.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiauthenticator:6.6.2:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet fortiauthenticator
References
Metrics cvssV3_1

{'score': 7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-07-14T15:56:07.256Z

Reserved: 2025-06-27T15:44:12.816Z

Link: CVE-2025-53379

cve-icon Vulnrichment

Updated: 2026-07-14T15:56:02.315Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.