PT-2026-24234 · Fortinet · FortiManager
Published: 2026-03-10 · Updated: 2026-03-18
CVE-2025-54820
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fortinet FortiManager versions 7.2.0 through 7.2.10
Fortinet FortiManager versions 7.4.0 through 7.4.2
Fortinet FortiManager 6.4 all versions
Description
A stack-based buffer overflow flaw exists in Fortinet FortiManager. A remote, unauthenticated attacker could potentially execute arbitrary commands by sending specially crafted requests, provided the service is enabled. Successful exploitation may depend on bypassing stack protection mechanisms.
Recommendations
FortiManager versions 7.2.0 through 7.2.10 should be updated.
FortiManager versions 7.4.0 through 7.4.2 should be updated.
FortiManager 6.4 all versions should be updated.
Fix
RCE · Buffer Overflow · Memory Corruption · Stack Overflow
Related Identifiers
Affected Products
FortiManager