← volver
CVE-2025-54821

CVE-2025-54821

CVSS 1.8 LOWEPSS 0.1%CWE-269
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 1.8EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
18 nov 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.11, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSASE 25.2.91 may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:R

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →