FortiOS Buffer Overflow 7.6-7.6.3, 7.4-7.4.8, 7.2+, 7.0+, 6.4+, 6.2+, 6.0+; FortiSASE 25.3.b
CVE-2025-58413 Published on November 18, 2025
A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, and FortiSASE 25.3.b allows an attacker to execute unauthorized code or commands via specially crafted packets.
Vulnerability Analysis
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2025-58413 has been classified as a Stack Overflow vulnerability or weakness.
Affected Versions
Fortinet FortiOS:
- Version 7.6.0, <= 7.6.3 is affected.
- Version 7.4.0, <= 7.4.8 is affected.
- Version 7.2.0, <= 7.2.12 is affected.
- Version 7.0.0, <= 7.0.18 is affected.
- Version 6.4.0, <= 6.4.16 is affected.
- Version 6.2.0, <= 6.2.17 is affected.
- Version 6.0.0, <= 6.0.18 is affected.
Fortinet FortiSASE:
- Version 25.3.b is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.