Missing Authentication Vulnerability in Fortinet FortiOS Products
CVE-2025-53847

6.2MEDIUM

Key Information:

Vendor

Fortinet
Status
FortiOS
Vendor
CVE Published:
14 April 2026

What is CVE-2025-53847?

A missing authentication vulnerability found in Fortinet FortiOS versions allows attackers to execute unauthorized commands through specially crafted packets. This flaw can potentially lead to unauthorized access and disruption of services, making it imperative for users to update their systems to the latest patched versions to safeguard their networks.

Affected Version(s)

FortiOS 7.6.0 <= 7.6.3

FortiOS 7.4.0 <= 7.4.8

FortiOS 7.2.0 <= 7.2.11

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-125

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.