Authentication Bypass Vulnerability in Fortinet's FortiOS and FortiProxy Products
CVE-2025-22862
6.3MEDIUM
What is CVE-2025-22862?
An Authentication Bypass vulnerability exists in FortiOS and FortiProxy where an authenticated attacker could exploit the Automation Stitch component by triggering a malicious Webhook action, leading to the potential escalation of privileges. This flaw is present in several versions of the Fortinet products, making it critical for users to assess their environments and apply necessary mitigations.
Affected Version(s)
FortiOS 7.4.0 <= 7.4.7
FortiOS 7.2.0 <= 7.2.11
FortiOS 7.0.6 <= 7.0.17