CVE-2025-47294Integer Overflow or Wraparound in Fortinet Fortios

CWE-190Integer Overflow or Wraparound4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 48.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortios
Timeline
PublishedMay 28

Description

A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDfortinet/fortios6.4.07.0.15+1
CVEListV5fortinet/fortios7.2.07.2.7+2

🔴Vulnerability Details

2
CVEList
CVE-2025-47294: A integer overflow or wraparound in Fortinet FortiOS versions 72025-05-28
GHSA
GHSA-whfg-pc46-w8v3: A integer overflow or wraparound in Fortinet FortiOS versions 72025-05-28

📋Vendor Advisories

1
Fortinet
Denial of Service in Security Fabric Root2025-05-28
CVE-2025-47294 — Integer Overflow or Wraparound | cvebase