
Cloud Vulnerability DB
Eine von der Community geführte Datenbank für Schwachstellen
CVE-2025-53844 is an out-of-bounds write vulnerability (CWE-787) in the CAPWAP daemon of Fortinet FortiOS that allows an attacker controlling an authenticated FortiAP, FortiExtender, or FortiSwitch device to gain execution privileges on the FortiGate device. It affects FortiOS 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, and 7.2.0 through 7.2.11. The vulnerability was disclosed on May 12, 2026, and was internally discovered by Gwendal Guégniaud of the Fortinet Product Security team. It carries a CVSS v3.1 base score of 8.8 (High) per NVD, and 8.3 (High) per Fortinet's own advisory (FortiGuard Advisory).
The root cause is an out-of-bounds write (CWE-787) in FortiOS's CAPWAP (Control and Provisioning of Wireless Access Points) daemon, which handles communication between FortiGate and managed wireless/extension devices such as FortiAP, FortiExtender, and FortiSwitch. An attacker who controls an authenticated managed device can send specially crafted CAPWAP packets that trigger the out-of-bounds write, potentially leading to arbitrary code or command execution on the FortiGate host. Exploitation requires the attacker to already control a device that is authenticated to the FortiGate's CAPWAP service, meaning the attack vector is network-based but requires low-privilege authenticated access. No public proof-of-concept exploit code has been identified (FortiGuard Advisory).
Successful exploitation allows an attacker controlling an authenticated managed device (FortiAP, FortiExtender, or FortiSwitch) to execute unauthorized code or commands on the FortiGate device, resulting in full compromise of confidentiality, integrity, and availability of the affected system. This could enable an attacker to pivot from a compromised network edge device into the core FortiGate firewall, potentially exposing all traffic passing through it, modifying security policies, or establishing persistent access for lateral movement across the protected network (FortiGuard Advisory).
Fortinet has released patched versions: FortiOS 7.6.4 or later (for 7.6.x users), FortiOS 7.4.9 or later (for 7.4.x users), and FortiOS 7.2.12 or later (for 7.2.x users). Organizations should use Fortinet's upgrade path tool at https://docs.fortinet.com/upgrade-tool to plan their upgrade. As a temporary workaround, administrators can disable the CAPWAP daemon by running config global → config system global → set wireless-controller disable → end, and similarly disable FortiExtender (set fortiextender disable). Additionally, restricting network access to FortiOS management interfaces and implementing network segmentation can reduce exposure (FortiGuard Advisory).
Security media outlets including SecurityWeek and CSOOnline covered this vulnerability as part of Fortinet's May 2026 patch cycle, noting it alongside other critical fixes for FortiAuthenticator and FortiSandbox. The Belgian Centre for Cybersecurity (CCB) issued an advisory warning about multiple Fortinet vulnerabilities including CVE-2025-53844. Community coverage was moderate, with aggregators such as CyberSecurityNews and Cryptika reporting on the broader Fortinet patch release. No notable independent researcher commentary or significant social media discussion has been identified beyond standard patch reporting (SecurityWeek, CCB Advisory).
Quelle: Dieser Bericht wurde mithilfe von KI erstellt
Kostenlose Schwachstellenbewertung
Bewerten Sie Ihre Cloud-Sicherheitspraktiken in 9 Sicherheitsbereichen, um Ihr Risikoniveau zu bewerten und Lücken in Ihren Abwehrmaßnahmen zu identifizieren.
Eine personalisierte Demo anfordern
"Die beste Benutzererfahrung, die ich je gesehen habe, bietet vollständige Transparenz für Cloud-Workloads."
"„Wiz bietet eine zentrale Oberfläche, um zu sehen, was in unseren Cloud-Umgebungen vor sich geht.“ "
"„Wir wissen, dass, wenn Wiz etwas als kritisch identifiziert, es auch wirklich kritisch ist.“"