CVE-2025-24477
Published 2025-07-15
CVE-2025-24477: A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an…
Priority: P1 (80) · medium · 6.7 (CVSS 3.1)
CVSS vector: AV:L / AC:L / PR:H / UI:N / S:U / C:H / I:H / A:H
ITW: VulnCheck KEV · Exploited in the wild
EPSS: 0.21% (11.4th percentile)
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | >= 7.2.4 < 7.2.12 | 7.2.12 |
| fortinet | fortios | 7.2.4 – 7.2.12 | — |
| fortinet | fortios | >= 7.4.0 < 7.4.8 | 7.4.8 |
| fortinet | fortios | 7.4.0 – 7.4.7 | — |
| fortinet | fortios | >= 7.6.0 < 7.6.3 | 7.6.3 |
| fortinet | fortios | 7.6.0 – 7.6.2 | — |
Detection & IOCs (extracted from sources)
- Vulnerability resides in the cw_stad daemon on FortiOS; monitor for unexpected privilege escalation originating from CLI command execution targeting this daemon
- Detect specially crafted CLI commands submitted to FortiOS that may trigger heap-based buffer overflow in cw_stad, potentially leading to privilege escalation
- Affected FortiOS versions are 7.6.0–7.6.2, 7.4.0–7.4.7, and 7.2.4–7.2.12; ensure detection and patching scope covers all three branches
- CVSS score is 4.2 (Medium): exploitation requires some level of existing access (e.g., CLI access) to trigger the overflow; factor this into threat model and access-control reviews
CVSS provenance
- NVD (v3.1): 6.7 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- VulnCheck: 4.2 MEDIUM
GHSA
GHSA-36g4-wrrw-63fh (ghsa_unreviewed · 2025-07-15): CVE-2025-24477 [MEDIUM] CWE-122
A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2.4 through 7.2.11 allows an attacker to escalate its privileges via a specially crafted CLI command
VulnCheck
Fortinet FortiOS Heap-based Buffer Overflow (vulncheck · 2025 · CVSS 4.2): CVE-2025-24477 [MEDIUM]
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command
Affected: Fortinet FortiOS
Required Action: Apply remediations or mitigations per vendor instructions, or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://3354902.hs-sites.com/hubfs/Consulting/TTP%20Briefing/Cybereason_TTP_Briefing_Q3-2025.pdf
Fortinet
FG-IR-25-026: Heap-based buffer overflow in cw_stad daemon (vendor_fortinet · 2025-07-15 · CVSS 4.2): CVE-2025-24477 [MEDIUM] CWE-122
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command
CVEs: CVE-2025-24477
CWEs: CWE-122
CVSS: 4.2 (medium)
Affected products: FortiOS, Fortinet
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2025-07-15 · Exploited in the wild