Heap-based Buffer Overflow Vulnerability in Fortinet FortiClient
CVE-2025-46373

7.1HIGH

Key Information:

Vendor: Fortinet
Status: Forticlientwindows
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-46373?

A heap-based buffer overflow vulnerability exists in Fortinet FortiClient across specific versions. This flaw allows an authenticated local IPSec user to execute arbitrary code or commands by exploiting the 'fortips_74.sys' component. The attacker may gain elevated privileges by bypassing Windows heap integrity protections, posing a significant risk to affected systems.

Affected Version(s)

FortiClientWindows 7.4.0 <= 7.4.3

FortiClientWindows 7.2.0 <= 7.2.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-125

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Apr 23, 2025

JSON