CVE-2025-57740 · HIGH 7.5 · EPSS p45.0%


fortinet / fortiproxy

Description

A heap-based buffer overflow vulnerability [CWE-122] in the RDP bookmark connection of FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions; FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; and FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions may allow an authenticated user to execute unauthorized code via crafted requests.

Scoring

CVSS 3.1: 7.5 (HIGH)
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.62% probability of exploitation · percentile 45.0% · 2026-06-19T12:03:05Z
Published: 2025-10-14
Last modified: 2026-06-09

Underlying weaknesses · 1

CWE-122

References

  1. https://fortiguard.fortinet.com/psirt/FG-IR-25-756


Type | Target | Confidence | Tier
Weakness | Heap-based Buffer Overflow cwe-122 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-25248
  2. CVE-2025-25249
  3. CVE-2025-58413
  4. CVE-2025-53843
  5. CVE-2025-54820
  6. CVE-2025-53844

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.