CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries: 1,619
Ransomware Use: 327
Overdue: 1,615
Vendors: 266
Products: 655
26 results · Page 1/2
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet · FortiClient EMS
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiClient EMS Improper Access Control Vulnerability
Fortinet · FortiClient EMS
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
Fortinet · Multiple Products
Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
Fortinet · Multiple Products
Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass FortiCloud SSO login authentication via a crafted SAML message. Note that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory; ensure that all patches mentioned in the advisory are applied.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiWeb OS Command Injection Vulnerability
Fortinet · FortiWeb
Fortinet FortiWeb contains an OS command injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiWeb Path Traversal Vulnerability
Fortinet · FortiWeb
Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiWeb SQL Injection Vulnerability
Fortinet · FortiWeb
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
Fortinet · FortiOS
Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to decipher sensitive data in the FortiOS configuration backup file via knowledge of the hard-coded key.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Fortinet · Multiple Products
Fortinet FortiFone, FortiVoice, FortiNDR, and FortiMail contain a stack-based buffer overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet · FortiOS and FortiProxy
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet · FortiOS and FortiProxy
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet FortiManager Missing Authentication Vulnerability
Fortinet · FortiManager
Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet Multiple Products Format String Vulnerability
Fortinet · Multiple Products
Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet · FortiClient EMS
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS Out-of-Bounds Write Vulnerability
Fortinet · FortiOS
Fortinet FortiOS contains an out-of-bounds write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
Fortinet · FortiOS and FortiProxy SSL-VPN
Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS Path Traversal Vulnerability
Fortinet · FortiOS
Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Fortinet · FortiOS
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
Required Action
Apply updates per vendor instructions.
Fortinet Multiple Products Authentication Bypass Vulnerability
Fortinet · Multiple Products
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
Fortinet · FortiOS and FortiADC
Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing an LDAP server connectivity test request to a rogue LDAP server.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS and FortiProxy Improper Authorization
Fortinet · FortiOS and FortiProxy
An improper authorization vulnerability in Fortinet FortiOS and FortiProxy under the SSL VPN web portal allows an unauthenticated attacker to modify the password.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS and FortiProxy Out-of-bounds Write
Fortinet · FortiOS and FortiProxy
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS Arbitrary File Download
Fortinet · FortiOS
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS Default Configuration Vulnerability
Fortinet · FortiOS
Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.
Required Action
Apply updates per vendor instructions.
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Fortinet · FortiOS
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to log in successfully without being prompted for the second factor of authentication (FortiToken) if they change the case of their username.
Required Action
Apply updates per vendor instructions.