CVE-2025-25248EPSS p33.3%

CVE-2025-25248CVE-2025-25248

fortinet / fortios

Description

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.

Scoring

CVSS 5.3 ()
VectorCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS0.42% probability of exploitation · percentile 33.3% · 2026-06-19T12:03:05Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-57740
CVE
CVE-2025-25249
CVE
CVE-2025-25250
CVE
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
CVE
CVE-2022-42475
CVE
CVE-2024-50562
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.