Improper privilege management in Fortinet, Inc products - CVE-2025-54821

 

Improper privilege management in Fortinet, Inc products - CVE-2025-54821

Published: November 18, 2025


Vulnerability identifier: #VU118604
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-54821
CWE-ID: CWE-269
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Fortinet, Inc
Affected software:
FortiOS
FortiPAM
FortiProxy

Detailed vulnerability description

The vulnerability allows a local privileged user to manipulate data.

The vulnerability exists due to improper privilege management via SSH. An authenticated administrator can bypass the trusted host policy via crafted CLI command.


How to mitigate CVE-2025-54821

Install update from vendor's website.

Sources