PT-2025-41948 · Fortinet · Fortiproxy+1

Published

2025-10-14

Updated

2025-10-16

CVE-2025-25253

CVSS v3.1

7.5

High

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FortiProxy versions 7.0 through 7.6.1 FortiOS versions 7.0 through 7.6.2

Description An improper validation of certificate with host mismatch exists in ZTNA proxy, potentially allowing an unauthenticated attacker in a man-in-the-middle position to intercept and tamper with connections. This issue affects FortiProxy and FortiOS ZTNA.

Recommendations FortiProxy versions 7.0 through 7.6.1 should be updated. FortiOS versions 7.0 through 7.6.2 should be updated.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-297

Related Identifiers

BDU:2025-13338

CVE-2025-25253

Affected Products

Fortios

Fortiproxy

PT-2025-41948 · Fortinet · Fortiproxy+1

CVE-2025-25253

Weakness Enumeration

Related Identifiers

Affected Products

References · 9