CVE-2025-25253
📊 7.5 HIGH | ⚡ 0.0% | 🎯 0 exploits
📅 Published Oct 14, 2025
📋 Status: Analyzed
An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions ZTNA proxy may allow an unauthenticated attacker in a man-in-the-middle position to intercept and tamper with connections to the ZTNA proxy.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
4 product configurations affected
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
| 📱 App | fortinet | fortiproxy | ≥ 7.0.0 ∧ < 7.4.9 | Vulnerable | cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* |
| 📱 App | fortinet | fortiproxy | ≥ 7.6.0 ∧ < 7.6.2 | Vulnerable | cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* |
| 💻 OS | fortinet | fortios | ≥ 7.0.0 ∧ < 7.4.9 | Vulnerable | cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* |
| 💻 OS | fortinet | fortios | ≥ 7.6.0 ∧ < 7.6.3 | Vulnerable | cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* |
Metrics
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: ADJACENT_NETWORK
Complexity: HIGH
Privileges: NONE
User Interaction: NONE
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH
Scope: UNCHANGED
🔍 Technical Details
Analysis Status: Analyzed
CVSS Details: 7.5 (HIGH) v3.1
Source: [email protected]
EPSS Details: 0.0% (Minimal), 0.5th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date: Oct 14, 2025 (19 days ago)
Last Modified: Oct 15, 2025 (18 days ago)
Security Weaknesses (1): CWE-297
References (2): NVD (general)