FortiOS 6.x-7.6.0 CLI Command Injection (CWE-684) CVE-2025-58325
CVE-2025-58325 Published on October 14, 2025
An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands.
Vulnerability Analysis
CVE-2025-58325 requires local access to the system and an authenticated account with user-level privileges. Attack complexity is rated low, and the potential impact of successful exploitation is rated very high.
Weakness Type
Incorrect Provision of Specified Functionality
The code does not function according to its published specifications, potentially leading to incorrect usage. When providing functionality to an external party, it is important that the software behaves in accordance with the details specified. When requirements or nuances are not documented, the functionality may produce unintended behaviors for the caller, possibly leading to an exploitable state.
Products Associated with CVE-2025-58325
Affected Versions
Fortinet FortiOS:
- Version 7.6.0 is affected.
- Versions 7.4.0 through 7.4.5 are affected.
- Versions 7.2.5 through 7.2.10 are affected.
- Versions 7.0.0 through 7.0.15 are affected.
- Versions 6.4.0 through 6.4.16 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.