CVE-2025-67862
In short
A vulnerability in Fortinet FortiOS and FortiProxy allows authenticated administrators to run unauthorized Lua scripts by sending specially crafted commands. This could let an admin perform unintended actions on the device beyond their normal permissions.
Technical detail
The weakness, classed as CWE-1244 (Internal Asset Exposed to Unsafe Debug Access Level or State), is internal debug functionality reachable from the FortiOS/FortiProxy CLI at an unsafe access level. An authenticated admin can craft CLI commands that execute arbitrary Lua scripts, bypassing the intended restrictions. The attack requires valid admin credentials and access to the CLI; the impact includes unauthorized code execution and potential system compromise.
Summary generated and translated by AI from the official description.
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0 all versions may allow an authenticated admin to execute Lua scripts via crafted CLI commands.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
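As an added example (not part of the advisory or Fortinet's own tooling), the following script encodes the affected ranges listed above and checks a device inventory against them; the hostnames and versions in INVENTORY are constructed sample data, and versions are assumed to be given as major.minor.patch.

```python
# Added example: affected-version check for CVE-2025-67862 (ranges from the advisory above).
from typing import List

AFFECTED = {
    "FortiOS": [
        ((7, 6, 0), (7, 6, 2)),
        ((7, 4, 0), (7, 4, 7)),
        ((7, 2, 0), (7, 2, 10)),
        ((7, 0, 0), (7, 0, 16)),
        ((6, 4), None),  # FortiOS 6.4, all versions (no upper bound)
    ],
    "FortiProxy": [
        ((7, 6, 0), (7, 6, 3)),
        ((7, 4, 0), (7, 4, 10)),
        ((7, 2, 0), (7, 2, 14)),
        ((7, 0), None),  # FortiProxy 7.0, all versions (no upper bound)
    ],
}

def parse_version(text: str):
    """Parse 'v7.4.3' or '7.4.3' into (7, 4, 3); other shapes are rejected."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.patch, got {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))

def is_affected(product: str, version: str) -> bool:
    """True if product/version falls inside one of the listed ranges."""
    v = parse_version(version)
    for low, high in AFFECTED[product]:
        if high is None:
            if v[: len(low)] == low:  # whole branch listed as affected
                return True
        elif low <= v <= high:  # inclusive bounds, tuple comparison
            return True
    return False

# Constructed inventory (hostname, product, version); not real hosts.
INVENTORY = [
    ("fw-edge-01", "FortiOS", "7.4.7"),
    ("fw-edge-02", "FortiOS", "7.4.8"),
    ("fw-lab-01", "FortiOS", "6.4.15"),
    ("proxy-01", "FortiProxy", "7.6.4"),
]

def affected_hosts(inventory=INVENTORY) -> List[str]:
    """Hostnames whose running version is inside an affected range."""
    return [h for h, p, v in inventory if is_affected(p, v)]
```

Because the advisory gives only affected ranges, a version just past an upper bound is reported as not affected; confirm the actual fixed release against the vendor advisory before treating such a host as safe.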