
Fortinet FortiOS CVE-2025-53844

EUVD-2025-209802 | Severity: HIGH | Out-of-bounds Write (CWE-787)
Published: 2026-05-12 | Vendor: fortinet | GHSA-67q8-5ppc-5hgr
CVSS 3.1 base score: 8.8

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (5 events)

Analysis Updated: May 12, 2026 - 18:30 (vuln.today), v2 (cvss_changed)
Re-analysis Queued: May 12, 2026 - 18:22 (vuln.today), trigger: cvss_changed
CVSS changed: May 12, 2026 - 18:22 (NVD), 8.3 (HIGH) -> 8.8 (HIGH)
Analysis Generated: May 12, 2026 - 18:00 (vuln.today)
CVE Published: May 12, 2026 - 16:54 (nvd), HIGH 8.3

Description (NVD)

An out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows an attacker to execute unauthorized code or commands via specially crafted packets.

Analysis (AI)

Remote code execution in Fortinet FortiOS 7.2.0-7.2.11, 7.4.0-7.4.8, and 7.6.0-7.6.3 enables authenticated attackers to execute arbitrary code via malformed network packets. The out-of-bounds write vulnerability (CWE-787) affects FortiOS firewall appliances and requires only low-privilege credentials to exploit over the network. Fortinet published advisory FG-IR-26-123 confirming the vulnerability. No CISA KEV listing or public exploit code identified at time of analysis, though the straightforward network attack vector (AV:N/AC:L) suggests moderate weaponization potential once details emerge.

Technical Context (AI)

This is an out-of-bounds write (CWE-787) vulnerability in FortiOS, the operating system powering Fortinet's FortiGate firewall appliances. Out-of-bounds writes occur when software writes data past the end of its allocated buffer, letting an attacker corrupt adjacent memory, overwrite function pointers, or inject executable code. The CPE string (cpe:2.3:a:fortinet:fortios) records FortiOS as the affected product (CPE part "a", application) across multiple major version branches. The network-accessible attack surface combined with memory corruption suggests the vulnerability likely resides in a packet-processing routine, possibly IPsec, SSL VPN, firewall rule parsing, or another protocol handler that processes externally supplied packet data before full authentication enforcement. The requirement for low privileges (PR:L) indicates exploitation occurs post-authentication but with minimal access rights, affecting both admin and limited-privilege user sessions.

Remediation (AI)

Apply Fortinet's security patches immediately per advisory FG-IR-26-123 at https://fortiguard.fortinet.com/psirt/FG-IR-26-123. The advisory should specify fixed versions for each affected branch (typically 7.2.12+, 7.4.9+, 7.6.4+, though exact versions must be confirmed from Fortinet's advisory, as patch version data was not provided in the source intelligence). Until patching is complete, implement these compensating controls, each with its noted trade-off:

1. Restrict management interface access to trusted internal IP ranges only via firewall rules. This reduces the attack surface but complicates remote administration, requiring jump hosts or VPN.
2. Enforce multi-factor authentication for all FortiOS administrative accounts. This raises the attacker's cost for credential theft but does not prevent exploitation if credentials are compromised via session hijacking.
3. Monitor for anomalous authenticated sessions with unusual packet patterns or memory consumption spikes. This provides detection capability but requires SIEM integration and tuning to reduce false positives.

Organizations unable to patch immediately should prioritize controls (1) and (2) as defense in depth, recognizing that these mitigations delay but do not eliminate exploitation risk.
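The first step of any remediation is knowing which devices sit inside the affected ranges from the description. As an added example (not Fortinet's or vuln.today's code), the following Python parses the NVD "X through Y" ranges quoted on this page, compares versions numerically so that 7.4.10 sorts after 7.4.8, and pulls the running version out of captured `get system status` output. The `Version:` line format and the sample device output are assumptions constructed for the example; fixed versions are deliberately not encoded, because the page says they must be confirmed from advisory FG-IR-26-123.

```python
"""Affected-version check for CVE-2025-53844.

Added example for this page; not Fortinet's or vuln.today's code.
Inclusive ranges come from the NVD description quoted on the page.
Fixed versions are NOT encoded: the page states they must be confirmed
from advisory FG-IR-26-123.
"""
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Copied from the NVD description on this page.
NVD_DESCRIPTION = (
    "A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, "
    "FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to "
    "execute unauthorized code or commands via specially crafted packets."
)

# Same ranges, hand-transcribed; the parser is checked against these.
AFFECTED_RANGES: List[Tuple[Version, Version]] = [
    ((7, 6, 0), (7, 6, 3)),
    ((7, 4, 0), (7, 4, 8)),
    ((7, 2, 0), (7, 2, 11)),
]

_RANGE_RE = re.compile(r"FortiOS (\d+\.\d+\.\d+) through (\d+\.\d+\.\d+)")
# Assumed 'get system status' line format, e.g.
# "Version: FortiGate-60F v7.4.3,build2573,240201 (GA.F)".
_STATUS_RE = re.compile(r"^Version:\s*\S+\s+v(\d+\.\d+\.\d+)", re.MULTILINE)


def parse_version(text: str) -> Version:
    """Convert '7.4.8' or 'v7.4.8' into a numeric tuple; string comparison
    would wrongly rank '7.4.10' below '7.4.8'."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"not a FortiOS x.y.z version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def ranges_from_description(description: str) -> List[Tuple[Version, Version]]:
    """Extract inclusive (low, high) ranges from NVD-style 'X through Y' wording."""
    return [(parse_version(lo), parse_version(hi))
            for lo, hi in _RANGE_RE.findall(description)]


def is_affected(version: Version, ranges=AFFECTED_RANGES) -> bool:
    """True when the version falls inside any listed range (inclusive).
    A version outside every range is only 'not listed', not proven safe."""
    return any(lo <= version <= hi for lo, hi in ranges)


def version_from_status(status_output: str) -> Optional[Version]:
    """Pull the firmware version from captured 'get system status' output."""
    m = _STATUS_RE.search(status_output)
    return parse_version(m.group(1)) if m else None


# Constructed sample, not captured from a real device.
SAMPLE_STATUS = """Version: FortiGate-60F v7.4.3,build2573,240201 (GA.F)
Serial-Number: FGT60F-PLACEHOLDER
Operation Mode: NAT
"""

if __name__ == "__main__":
    assert ranges_from_description(NVD_DESCRIPTION) == AFFECTED_RANGES
    running = version_from_status(SAMPLE_STATUS)
    state = "affected" if running and is_affected(running) else "not in listed ranges"
    print(running, state)
```

Feed it the saved output of `get system status` from each appliance (or the version field from your asset inventory) and treat "not in listed ranges" as a prompt to re-check the advisory, not as a clean bill of health.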


CVE-2025-53844 vulnerability details – vuln.today
