Main Vulnerability Database Vulnerabilities #VU118600

#VU118600 Buffer overflow in FortiExtender - CVE-2025-46776

Published: November 18, 2025

Vulnerability identifier: #VU118600

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-46776

CWE-ID: CWE-120

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
FortiExtender

Software vendor:
Fortinet, Inc

Description

The vulnerability allows a local privileged user to execute arbitrary code.

The vulnerability exists due to buffer overflow. An authenticated user can execute arbitrary code or commands via crafted CLI commands.

Install update from vendor's website.