CVE-2025-54820

CVE Database · CVE-2025-54820

CVE-2025-54820

· HIGHAnalyzed

CVSS v3.1

8.1

EPSS

0.87%

Published

Mar 10, 2026

Modified

Mar 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-121CWE-787

Affected Products (2)

fortinet · fortimanager (up to 7.2.11)vulnerable

fortinet · fortimanager (up to 7.4.3)vulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-26-098

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs