CVE-2025-22254 — Improper Privilege Management in Fortinet Fortios

CWE-269 — Improper Privilege Management4 documents4 sources

Severity

7.2HIGHNVD

CNA6.6

EPSS

0.2%

top 55.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Fortios Fortinet Fortiproxy Fortinet Fortiweb

Timeline

PublishedJun 10

Description

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiWeb 7.6.0 through 7.6.1, FortiWeb 7.4.0 through 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocke…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages6 packages

▶NVDfortinet/fortios6.4.0 — 6.4.16+4

▶CVEListV5fortinet/fortios7.6.0 — 7.6.1+4

▶NVDfortinet/fortiweb7.4.0 — 7.4.7+1

▶NVDfortinet/fortiproxy7.4.0 — 7.4.8+1

▶CVEListV5fortinet/fortiweb7.6.0 — 7.6.1+1

🔴Vulnerability Details

GHSA

GHSA-r2j8-539m-45q5: An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7↗2025-06-10

▶

CVEList

CVE-2025-22254: An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7↗2025-06-10

▶

📋Vendor Advisories

Fortinet

Privilege escalation in GUI websocket module↗2025-06-10

▶