CVE-2025-54821
LowCVSS 1.9Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
An Improper Privilege Management vulnerability in Fortinet FortiOS and FortiPAM allows an authenticated administrator to bypass the trusted host policy via crafted CLI command.
Risk Assessment
This vulnerability may lead to unauthorized access to the system, posing a serious security threat to the organization.
Recommendation
It is recommended to update to the latest version of FortiOS and FortiPAM to mitigate this vulnerability and review the privilege management policy.
Original NVD description (English source)
An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.11, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSASE 25.2.91 may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.

