FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code
Fortinet disclosed a significant security flaw in its FortiOS operating system, identified as CVE-2025-24477. This heap-based buffer overflow vulnerability, classified under CWE-122, affects the cw_stad daemon and could enable an authenticated attacker to execute arbitrary code or commands through specially crafted requests.
With a CVSSv3 score of 4.0, the vulnerability is rated as medium severity, yet its potential impact, escalation of privilege, poses a serious risk to affected systems.
Affected Versions and Solutions
The vulnerability impacts specific versions of FortiOS, with Fortinet providing clear upgrade paths to mitigate the risk. Below is a detailed breakdown of the affected versions and recommended solutions:
| Version | Affected Range | Solution |
|---|---|---|
| FortiOS 7.6 | 7.6.0 through 7.6.1 | Upgrade to 7.6.3 or above |
| FortiOS 7.4 | 7.4.0 through 7.4.7 | Upgrade to 7.4.8 or above |
| FortiOS 7.2 | 7.2.4 through 7.2.11 | Upgrade to 7.2.12 or above |
| FortiOS 7.0 | Not affected | Not Applicable |
| FortiOS 6.4 | Not affected | Not Applicable |
Fortinet advises users to follow the recommended upgrade path using their official tool for a seamless transition to secure versions. This vulnerability, tracked under IR number FG-IR-25-026, underscores the importance of timely updates to safeguard network infrastructure.
Impacted Hardware Models
Certain FortiWiFi models are vulnerable if configured as wireless clients. The affected models include:
- FWF_80F_2R_3G4G_DSL
- FWF_80F_2R
- FWF_81F_2R_3G4G_DSL
- FWF_81F_2R_3G4G_POE
- FWF_81F_2R
- FWF_81F_2R_POE
- FWF_90G_2R
- FWF_91G_2R
Organizations using these models in the specified configuration should prioritize applying the necessary updates to prevent potential exploitation.
This vulnerability was internally discovered and reported by Gwendal Guégniaud of the Fortinet Product Security team. Their proactive identification of the flaw affecting a component categorized as “OTHERS,” highlights Fortinet’s commitment to maintaining the security of its products. The initial publication of this issue on July 8, 2025, marks the beginning of Fortinet’s efforts to inform and protect its user base from this threat.
While the CVSSv3 score indicates a medium severity level, the ability for an authenticated attacker to escalate privileges through arbitrary code execution is a critical concern.
This could potentially lead to unauthorized access or control over affected systems, compromising network security. Businesses and IT administrators are strongly urged to assess their FortiOS deployments and apply the recommended upgrades immediately.
Fortinet’s swift response in providing patches and detailed guidance reflects the ongoing challenges in cybersecurity, where even medium-severity vulnerabilities can have significant consequences if exploited.
Investigate live malware behavior, trace every step of an attack, and make faster, smarter security decisions -> Try ANY.RUN now
Source link
