Improper privilege management in Fortinet, Inc products - CVE-2025-54821
Published: November 18, 2025
Vulnerability identifier: #VU118604
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-54821
CWE-ID: CWE-269
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Fortinet, Inc
Affected software:
FortiOS
FortiPAM
FortiProxy
FortiOS
FortiPAM
FortiProxy
Detailed vulnerability description
The vulnerability allows a local privileged user to manipulate data.
The vulnerability exists due to improper privilege management via SSH. An authenticated administrator can bypass the trusted host policy via crafted CLI command.
How to mitigate CVE-2025-54821
Install update from vendor's website.