CVE-2025-53844

HIGH

FortiOS 7.6.0-7.6.3, 7.4.0-7.4.8, 7.2.0-7.2.11 - Out-of-bounds Write via Specially Crafted Packets

Title source: llm

Description

A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets.

References (1)

Core 1

Core References

https://fortiguard.fortinet.com/psirt/FG-IR-26-123

Scores

CVSS v3 8.8

EPSS 0.0002

EPSS Percentile 6.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (8)

Fortinet/FortiOS 6.0.0 - 6.0.18

Fortinet/FortiOS 6.2.0 - 6.2.17

Fortinet/FortiOS 6.4.0 - 6.4.16

Fortinet/FortiOS 7.0.0 - 7.0.17

Fortinet/FortiOS 7.2.0 - 7.2.11

fortinet/fortios 7.2.0 - 7.2.12

Fortinet/FortiOS 7.4.0 - 7.4.8

Fortinet/FortiOS 7.6.0 - 7.6.3

Published May 12, 2026

Tracked Since May 12, 2026