CVE-2025-54821 · EPSS p3.3%

fortinet / fortiproxy

Description

An Improper Privilege Management vulnerability [CWE-269] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, and FortiProxy 7.0 all versions may allow an authenticated administrator to bypass the trusted host policy via a crafted CLI command.

Scoring

CVSS: 1.9
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.14% probability of exploitation · percentile 3.3% · 2026-06-19T12:03:05Z
Last modified: 2026-06-09

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-54820
CVE: CVE-2025-49201
CVE: CVE-2025-53847
CVE: CVE-2025-22256
CVE: CVE-2025-53744
CVE: Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.