CVE-2025-22252
Published May 28, 2025
Last updated 4 days ago
AI description
CVE-2025-22252 is a missing authentication vulnerability found in Fortinet's FortiOS, FortiProxy, and FortiSwitchManager. It affects devices configured to use a remote TACACS+ server for authentication with ASCII authentication enabled. This vulnerability could allow an attacker with knowledge of an existing administrator account to gain unauthorized access to the device as a valid administrator by bypassing authentication. Successful exploitation of CVE-2025-22252 could grant attackers unauthorized control over network infrastructure. This could lead to a compromise of system confidentiality through data exposure, integrity via configuration tampering, and availability by disrupting critical services. The vulnerability is limited to configurations using TACACS+ with ASCII authentication; PAP, MSCHAP, and CHAP configurations are not impacted.
- Description: A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass.
- Source: psirt@fortinet.com
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 7.2
- Impact score: 5.9
- Exploitability score: 1.2
- Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- psirt@fortinet.com: CWE-306
- Hype score: Not currently trending
Security Bulletin: Critical Fortinet TACACS+ vuln (CVE-2025-22252) allows admin auth bypass in GUI. Affected: FortiOS 7.4.4–7.4.6, 7.6.0; FortiProxy 7.6.0–7.6.1; FortiSwitchManager 7.2.5. Patch now to reduce risk. #ThreatIntel #RedLeggCTI #Fortinet https://t.co/oiQEW9mnuu
@RedLegg
3 Jun 2025
CVE-2025-22252 (CVSS:9.8, CRITICAL) is Awaiting Analysis. A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager v..https://t.co/0wq1peZIvV #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
2 Jun 2025
🚨Critical Vulnerability found in FortiOS, FortiProxy & FortiSwitchManager (CVE-2025-22252). Please see the @ncsc_gov_ie advisory for more info: https://t.co/BPowwLJiwt
@ncsc_gov_ie
30 May 2025
🚨 CVE-2025-22252 ⚠️🔴 CRITICAL (9) 🏢 Fortinet - FortiProxy 🏗️ 7.6.0 🔗 https://t.co/DpjuVN8Fqv #CyberCron #VulnAlert #InfoSec https://t.co/v8l5Awfuui
@cybercronai
29 May 2025
🟥 CVE-2025-22252, CVSS: 9.8 (#Critical) #Fortinet FortiProxy FortiSwitchManager and FortiOS missing authentication for critical functions Allows attackers with knowledge of an existing admin account to bypass authentication #CyberSecurity https://t.co/8394Cw3iIC
@UjlakiMarci
28 May 2025
🚨 Critical Fortinet vulnerability (CVE-2025-22252) allows admin access bypass via TACACS+ misconfig. Affects FortiOS, FortiProxy, and more. CVSS 9.8 — patch now!⚠️ Details: https://t.co/TVbnvnyz0K #CyberSecurity #Fortinet #Vulnerability
@threatsbank
28 May 2025
Security Alert: CVE-2025-22252: Escalation of privilege in Fortinet FortiProxy (CVE-2025-22252) https://t.co/IfpBkjEmC1
@offseq
28 May 2025
CVE-2025-22252 A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 throu… https://t.co/8D3WDVwE1M
@CVEnew
28 May 2025
[CVE-2025-22252: CRITICAL] Critical security flaw in Fortinet products: Missing authentication in FortiProxy v7.6.0-7.6.1, FortiSwitchManager v7.2.5, and FortiOS v7.4.4-7.4.6 & v7.6.0 allows admin access via...#cve,CVE-2025-22252,#cybersecurity https://t.co/5Ncx8Ijo49 https:/
@CveFindCom
28 May 2025
🚨 CVE-2025-22252 Heads up, folks! Fortinet with TACACS+ in ASCII lets you in without a password 😱 With just the admin user you already have full control. If you don't patch, they'll take down your shop. https://t.co/drJwnWRyI5
@tpx_Security
17 May 2025
⚠️Vulnerabilities in Fortinet products ❗CVE-2025-32756 ❗CVE-2025-22252 ❗CVE-2025-25251 ➡️More info: https://t.co/ajngm8ye1c https://t.co/vjs73iPkKx
@CERTpy
16 May 2025
Critical authentication bypass vulnerability, CVE-2025-22252 (CVSS: 9.0), in FortiOS, FortiProxy and FortiSwitchManager products configured to use TACACS+ with ASCII authentication. More information: https://t.co/gXU8l9r0LC https://t.co/BUMk1tFku7
@CSIRT_Telconet
15 May 2025
CVE-2025-22252: Bypass Authentication in FortiOS/FortiProxy, 9.0 rating 🔥 Systems configured to use TACACS+ with ASCII auth may be affected by a new vulnerability. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/0TqlR1DK7j #cybersecurity #vulnerability_map https:
@Netlas_io
15 May 2025
Fortinet Patches Critical TACACS+ Authentication Bypass (CVE-2025-22252) in FortiOS and FortiProxy https://t.co/0FFyztQy1X
@the_yellow_fall
15 May 2025
🔥 Urgent: Fortinet's CVE-2025-22252 flaw lets hackers bypass auth & seize control of FortiOS, FortiProxy, & FortiSwitchManager! Patch ASAP to stay secure! 🛡️ #Cybersecurity #Fortinet #PatchNow https://t.co/xVB2ybkwDB
@CyberWolfGuard
13 May 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1A9E35E-AA55-44C4-BAAC-2E44E6DCE2EF"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E5AF7C2-3954-4931-8929-7D1A3A9B4FAA"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E4A264B-EFE6-466C-8E86-3DA465C4751C",
            "versionEndExcluding": "7.4.7",
            "versionStartIncluding": "7.4.4"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]