FortiManager 7.4.07.4.2 Stack Buffer Overflow CVE202554820
CVE-2025-54820 Published on March 10, 2026
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.
Vulnerability Analysis
CVE-2025-54820 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2025-54820 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2025-54820
Want to know whenever a new CVE is published for Fortinet FortiManager? stack.watch will email you.
Affected Versions
Fortinet FortiManager:- Version 7.4.0, <= 7.4.2 is affected.
- Version 7.2.0, <= 7.2.10 is affected.
- Version 6.4.0, <= 6.4.15 is affected.