Stack-based Buffer Overflow in Fortinet FortiManager Products
CVE-2025-54820

7HIGH

Key Information:

Vendor: Fortinet
Status: Fortimanager
Vendor: CVE Published:; 10 March 2026

What is CVE-2025-54820?

A stack-based buffer overflow vulnerability exists in Fortinet FortiManager versions 6.4, 7.2, and 7.4. The vulnerability arises from inadequate stack protection mechanisms, allowing a remote unauthenticated attacker to potentially execute unauthorized commands through specially crafted requests, provided the relevant service is enabled. This could lead to significant security risks if not addressed promptly.

Affected Version(s)

FortiManager 7.4.0 <= 7.4.2

FortiManager 7.2.0 <= 7.2.10

FortiManager 6.4.0 <= 6.4.15

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-098

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Jul 30, 2025

CVE-2025-54820 Data

JSON