CVE-2025-54821

Source
https://cve.org/CVERecord?id=CVE-2025-54821
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54821.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-54821
Published
2025-11-18T17:16:03.490Z
Modified
2026-03-13T03:33:25.341606Z
Severity
  • 6.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
[none]
Details

An Improper Privilege Management vulnerability [CWE-269] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow an authenticated administrator to bypass the trusted host policy via a crafted CLI command.

References

Affected packages

Git /

Affected ranges

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54821.json"
unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "7.0.0"
            },
            {
                "fixed": "7.6.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "1.0.0"
            },
            {
                "fixed": "1.6.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "6.4.0"
            },
            {
                "fixed": "7.6.4"
            }
        ]
    }
]