CVE-2025-54820HIGH 8.1EPSS p54.0%

CVE-2025-54820CVE-2025-54820

Description

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.87% probability of exploitation · percentile 54.0% · 2026-06-19T12:03:05Z
Published2026-03-10
Last modified2026-03-12

Underlying weaknesses· 2

CWE-121CWE-787

References

  1. https://fortiguard.fortinet.com/psirt/FG-IR-26-098

2

TypeTargetConfidenceTier
WeaknessStack-based Buffer Overflowcwe-1210%live
WeaknessOut-of-bounds Writecwe-7870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-53843
CVE
CVE-2025-58413
CVE
CVE-2025-25249
CVE
CVE-2025-53844
CVE
CVE-2025-54821
CVE
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.