Out-of-Bounds Write Vulnerability in Fortinet FortiADC Products
CVE-2025-48839

6.3MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortiadc
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-48839?

An Out-of-bounds Write vulnerability exists in multiple versions of Fortinet's FortiADC, which may permit an authenticated attacker to execute arbitrary code. This weakness can be exploited through specially crafted HTTP requests, potentially leading to unauthorized actions within the affected system. Organizations using FortiADC versions 8.0.0 and earlier should assess their security posture and implement mitigations as necessary.

Affected Version(s)

FortiADC 8.0.0

FortiADC 7.6.0 <= 7.6.2

FortiADC 7.4.0 <= 7.4.7

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-225

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
May 27, 2025

JSON