Main Vulnerability Database Vulnerabilities #VU117135

Information disclosure in FortiADC - CVE-2025-59921

Published: October 14, 2025

Vulnerability identifier: #VU117135

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-59921

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Fortinet, Inc

Affected software:
FortiADC

Detailed vulnerability description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

The vulnerability exists due to exposure of sensitive information to an unauthorized actor in clear text. An authenticated attacker can obtain sensitive data via crafted HTTP or HTTPS requests.

How to mitigate CVE-2025-59921

Install update from vendor's website.

Sources

https://www.fortiguard.com/psirt/FG-IR-25-861

Information disclosure in FortiADC - CVE-2025-59921

Detailed vulnerability description

How to mitigate CVE-2025-59921

Sources

Please verify you're human