CVE-2025-58413 (MEDIUM, CVSS 6.9)

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS


Platform

fortinet

Component

fortios

Fixed versions

7.6.4

7.4.9

7.2.13

7.0.19

6.4.17

6.2.18

6.0.19

25.3.1

AI Confidence: high | Source: NVD | EPSS 0.0% | Reviewed: May 2026

CVE-2025-58413 is a stack-based buffer overflow vulnerability discovered in FortiOS, Fortinet's firewall operating system. Successful exploitation allows an attacker to execute arbitrary code or commands on the affected system, potentially leading to complete system compromise. This vulnerability affects FortiOS versions 6.0 through 25.3.b, as well as FortiSASE 25.3.b, and was published on November 18, 2025.

Impact and attack scenarios

The impact of CVE-2025-58413 is significant due to the potential for remote code execution. An attacker who successfully exploits this vulnerability can gain complete control over the affected FortiOS device, including the ability to modify firewall rules, steal sensitive data, and pivot to other systems on the network. The ability to execute arbitrary commands allows for a wide range of malicious activities, including data exfiltration, denial-of-service attacks, and the installation of persistent backdoors. Given FortiOS's role as a critical network security component, a successful compromise could have a broad blast radius, impacting the entire organization. The vulnerability's nature, a buffer overflow, suggests a potential for denial-of-service conditions as well, further disrupting network operations.

Exploitation status

CVE-2025-58413 was published on November 18, 2025. The EPSS score is pending evaluation, but the nature of a buffer overflow vulnerability suggests a potentially high probability of exploitation, especially if a public proof-of-concept (POC) is released. As of the publication date, no public POCs are known. The vulnerability is not currently listed on KEV, but this may change. Monitor NVD and CISA advisories for updates and potential exploitation campaigns.

Threat intelligence

Exploit status

Proof of concept: Unknown
CISA KEV: NO
Internet exposure

EPSS

0.01% (0th percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical impact: total

CVSS vector

Threat intelligence · CVSS 3.1: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C (6.9, MEDIUM)

Attack Vector: Adjacent (how the attacker reaches the target)
Attack Complexity: High (conditions required for exploitation)
Privileges Required: None (authentication level required for the attack)
User Interaction: None (whether the victim must act)
Scope: Unchanged (spread beyond the affected component)
Confidentiality: High (risk of sensitive data disclosure)
Integrity: High (risk of unauthorized data tampering)
Availability: High (risk of service outage)

nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?
Attack Vector
Adjacent: requires proximity on the same LAN, Bluetooth, or local wireless segment.
Attack Complexity
High: requires a race condition, non-standard configuration, or specific circumstances; difficult to exploit.
Privileges Required
None: no authentication needed; exploitable without credentials.
User Interaction
None: automatic and silent attack; the victim does nothing.
Scope
Unchanged: impact is limited to the vulnerable component.
Confidentiality
High: complete loss of confidentiality; all data can be read.
Integrity
High: arbitrary data can be written, modified, or deleted.
Availability
High: complete crash or resource exhaustion; full denial of service.

Affected software

Component: fortios
Vendor: Fortinet

Affected range      Fixed version
7.6.0 – 7.6.3       7.6.4
7.4.0 – 7.4.8       7.4.9
7.2.0 – 7.2.12      7.2.13
7.0.0 – 7.0.18      7.0.19
6.4.0 – 6.4.16      6.4.17
6.2.0 – 6.2.17      6.2.18
6.0.0 – 6.0.18      6.0.19
25.3.b – 25.3.b     25.3.1

Weakness classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Updated
  4. EPSS updated
Unpatched: 187 days since publication

Mitigations and workarounds

The primary mitigation for CVE-2025-58413 is to upgrade to a patched version of FortiOS as soon as possible. Fortinet has not yet released a fixed version as of the publication date. Until a patch is available, consider implementing temporary workarounds to reduce the attack surface. These may include restricting access to the vulnerable services, implementing strict input validation on network traffic, and deploying a Web Application Firewall (WAF) or reverse proxy to filter malicious packets. Monitor network traffic for suspicious patterns indicative of exploitation attempts. If a rollback to a previous, known-good version is possible, this can provide an immediate, albeit temporary, solution. After upgrading, verify the fix by attempting to reproduce the vulnerability using known attack vectors and confirming that the overflow is no longer triggered.

How to fix

Update FortiOS to a fixed version. Consult the Fortinet advisory for the specific version you should upgrade to.


Frequently asked questions

What is CVE-2025-58413 — Buffer Overflow in FortiOS?

It's a medium-severity buffer overflow vulnerability in FortiOS, allowing attackers to execute code via crafted packets.

Am I affected by CVE-2025-58413 in FortiOS?

If you are running FortiOS 6.0 through 25.3.b, or FortiSASE 25.3.b, you are potentially affected. Check your version and apply updates.

How do I fix CVE-2025-58413 in FortiOS?

Upgrade to a patched version of FortiOS as soon as it becomes available. Until then, implement temporary workarounds like restricting access and using a WAF.

Is CVE-2025-58413 being actively exploited?

As of November 18, 2025, no public exploitation is known, but the vulnerability's nature suggests a potential for exploitation.

Where can I find the official FortiOS advisory for CVE-2025-58413?

Refer to the Fortinet security advisory (when released) and the National Vulnerability Database (NVD) entry for CVE-2025-58413.
