- Description: An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands.
- Source: psirt@fortinet.com
- NVD status: Analyzed
- Products: fortios
CVSS 3.1
- Type: Primary
- Base score: 6.7
- Impact score: 5.9
- Exploitability score: 0.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity: MEDIUM
- psirt@fortinet.com
- CWE-684
- Hype score: Not currently trending
CVE-2025-58325 An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all v… https://t.co/KIncEze1Xs
@CVEnew
16 Oct 2025
🛡️ A bug in FortiOS allows local users to execute commands as root. Fortinet disclosed a high-severity vulnerability (CVE-2025-58325) in its FortiOS operating system. It affects multiple firewall and appliance models. And it allows a local attacker with
@CycuraMX
16 Oct 2025
FortiOS: CLI restriction bypass allows execution of system commands (CVE-2025-58325) More information: https://t.co/gXb9N1HRgk https://t.co/V2jDgaJO3u
@CSIRT_Telconet
16 Oct 2025
FortiOS CLI Bypass Lets Attackers Run Arbitrary Commands Fortinet disclosed CVE-2025-58325, a FortiOS vulnerability allowing admins to bypass CLI restrictions and execute unauthorized commands. Discovered by Fortinet PSIRT, the flaw poses significant security risks. Published ht
@Secwiserapp
15 Oct 2025
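Fortinet has disclosed a serious vulnerability (CVE-2025-58325) in the FortiOS operating system, used in its firewall products and other devices, that allows a locally authenticated attacker to execute arbitrary system commands.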
@yousukezan
14 Oct 2025
FortiOS CVE-2025-58325: CLI Command Bypass A new flaw in FortiOS lets attackers bypass CLI command restrictions. Privilege escalation is possible until patched. For more details, read ZeroPath's blog on this vuln. #AppSec #InfoSec #NetworkSecurity https://t.co/qk2Md8Qjxt
@ZeroPathLabs
14 Oct 2025
**CVE-2025-58325** pertains to an **Incorrect Provision of Specified Functionality** vulnerability, classified under **CWE-684**. This flaw exists in various versions of **FortiOS**, a widely used network security operating system, and allows an **authenticated local attacker**
@CveTodo
14 Oct 2025
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
            "versionEndExcluding": "7.0.16",
            "versionStartIncluding": "6.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "4386465B-EFF9-41BA-B393-82135A2591DE",
            "versionEndExcluding": "7.2.11",
            "versionStartIncluding": "7.2.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "199954FD-1280-46F8-8515-7591CE75A1E5",
            "versionEndExcluding": "7.4.6",
            "versionStartIncluding": "7.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]