CVE-2025-54821

Description

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.11, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSASE 25.2.91 may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.

CVSS breakdown

Affected products

• fortinet / FortiOS6.4.0 – 6.4.0
• fortinet / FortiOS7.0.1 – 7.0.1
• fortinet / FortiOS7.0.0 – 7.0.0
• fortinet / FortiOS6.4.16 – 6.4.16
• fortinet / FortiOS6.4.15 – 6.4.15
• fortinet / FortiOS6.4.14 – 6.4.14
• fortinet / FortiOS6.4.13 – 6.4.13
• fortinet / FortiOS6.4.12 – 6.4.12
• fortinet / FortiOS6.4.11 – 6.4.11
• fortinet / FortiOS6.4.10 – 6.4.10
• fortinet / FortiOS6.4.9 – 6.4.9
• fortinet / FortiOS6.4.8 – 6.4.8
• fortinet / FortiOS6.4.7 – 6.4.7
• fortinet / FortiOS6.4.6 – 6.4.6
• fortinet / FortiOS6.4.5 – 6.4.5
• fortinet / FortiOS6.4.4 – 6.4.4
• fortinet / FortiOS6.4.3 – 6.4.3
• fortinet / FortiOS6.4.2 – 6.4.2
• fortinet / FortiOS6.4.1 – 6.4.1
• fortinet / FortiOS7.6.3 – 7.6.3
• fortinet / FortiOS7.6.2 – 7.6.2
• fortinet / FortiOS7.6.1 – 7.6.1
• fortinet / FortiOS7.6.0 – 7.6.0
• fortinet / FortiOS7.4.11 – 7.4.11
• fortinet / FortiOS7.4.10 – 7.4.10
• fortinet / FortiOS7.4.9 – 7.4.9
• fortinet / FortiOS7.4.8 – 7.4.8
• fortinet / FortiOS7.4.7 – 7.4.7
• fortinet / FortiOS7.4.6 – 7.4.6
• fortinet / FortiOS7.4.5 – 7.4.5
• fortinet / FortiOS7.4.4 – 7.4.4
• fortinet / FortiOS7.4.3 – 7.4.3
• fortinet / FortiOS7.4.2 – 7.4.2
• fortinet / FortiOS7.4.1 – 7.4.1
• fortinet / FortiOS7.4.0 – 7.4.0
• fortinet / FortiOS7.2.13 – 7.2.13
• fortinet / FortiOS7.2.12 – 7.2.12
• fortinet / FortiOS7.2.11 – 7.2.11
• fortinet / FortiOS7.2.10 – 7.2.10
• fortinet / FortiOS7.2.9 – 7.2.9
• fortinet / FortiOS7.2.8 – 7.2.8
• fortinet / FortiOS7.2.7 – 7.2.7
• fortinet / FortiOS7.2.6 – 7.2.6
• fortinet / FortiOS7.2.5 – 7.2.5
• fortinet / FortiOS7.2.4 – 7.2.4
• fortinet / FortiOS7.2.3 – 7.2.3
• fortinet / FortiOS7.2.2 – 7.2.2
• fortinet / FortiOS7.2.1 – 7.2.1
• fortinet / FortiOS7.2.0 – 7.2.0
• fortinet / FortiOS7.0.19 – 7.0.19
• fortinet / FortiOS7.0.18 – 7.0.18
• fortinet / FortiOS7.0.17 – 7.0.17
• fortinet / FortiOS7.0.16 – 7.0.16
• fortinet / FortiOS7.0.15 – 7.0.15
• fortinet / FortiOS7.0.14 – 7.0.14
• fortinet / FortiOS7.0.13 – 7.0.13
• fortinet / FortiOS7.0.12 – 7.0.12
• fortinet / FortiOS7.0.11 – 7.0.11
• fortinet / FortiOS7.0.10 – 7.0.10
• fortinet / FortiOS7.0.9 – 7.0.9
• fortinet / FortiOS7.0.8 – 7.0.8
• fortinet / FortiOS7.0.7 – 7.0.7
• fortinet / FortiOS7.0.6 – 7.0.6
• fortinet / FortiOS7.0.5 – 7.0.5
• fortinet / FortiOS7.0.4 – 7.0.4
• fortinet / FortiOS7.0.3 – 7.0.3
• fortinet / FortiOS7.0.2 – 7.0.2
• fortinet / fortipam1.6.0 – 1.6.0
• fortinet / fortipam1.5.0 – 1.5.0
• fortinet / fortipam1.4.3 – 1.4.3
• fortinet / fortipam1.4.2 – 1.4.2
• fortinet / fortipam1.4.1 – 1.4.1
• fortinet / fortipam1.4.0 – 1.4.0
• fortinet / fortipam1.3.1 – 1.3.1
• fortinet / fortipam1.3.0 – 1.3.0
• fortinet / fortipam1.2.0 – 1.2.0
• fortinet / fortipam1.1.2 – 1.1.2
• fortinet / fortipam1.1.1 – 1.1.1
• fortinet / fortipam1.1.0 – 1.1.0
• fortinet / fortipam1.0.3 – 1.0.3
• fortinet / fortipam1.0.2 – 1.0.2
• fortinet / fortipam1.0.1 – 1.0.1
• fortinet / fortipam1.0.0 – 1.0.0
• fortinet / fortipam1.5.1 – 1.5.1
• fortinet / fortisase25.2.91 – 25.2.91

References

• VENDOR_ADVISORYhttps://fortiguard.fortinet.com/psirt/FG-IR-25-545