PT-2025-24714

Published: 2025-06-10

Updated: 2025-06-10

CVE-2025-22254

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Fortinet FortiOS versions 7.6.0 through 7.6.1
Fortinet FortiOS versions 7.4.0 through 7.4.6
Fortinet FortiOS versions 7.2.0 through 7.2.10
Fortinet FortiOS versions 7.0.0 through 7.0.16
Fortinet FortiOS versions before 6.4.15
FortiProxy versions 7.6.0 through 7.6.1
FortiProxy versions before 7.4.7
FortiWeb versions 7.6.0 through 7.6.1
FortiWeb versions before 7.4.6
Description

The vulnerability is an improper privilege management weakness: an authenticated attacker who already holds at least read-only admin permissions can escalate to super-admin privileges by sending crafted requests to the Node.js websocket module.
Recommendations

For Fortinet FortiOS versions 7.6.0 through 7.6.1, update to a version outside of the affected range.
For Fortinet FortiOS versions 7.4.0 through 7.4.6, update to a version outside of the affected range.
For Fortinet FortiOS versions 7.2.0 through 7.2.10, update to a version outside of the affected range.
For Fortinet FortiOS versions 7.0.0 through 7.0.16, update to a version outside of the affected range or at least 6.4.15.
For FortiProxy versions 7.6.0 through 7.6.1, update to a version at least 7.4.7.
For FortiWeb versions 7.6.0 through 7.6.1, update to a version at least 7.4.6.

As a temporary workaround, consider restricting access to the Node.js websocket module until a patch is available.

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2025-12655
CVE-2025-22254

Affected Products

Fortios
Fortiproxy
Fortiweb
Node.Js