
Cloud Vulnerability DB
A community-led vulnerabilities database
A heap-based buffer overflow vulnerability (CVE-2025-24477) was discovered in Fortinet FortiOS's cw_stad daemon. The vulnerability affects FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, and 7.2.4 through 7.2.11. This security flaw was internally discovered and reported by Gwendal Guégniaud of Fortinet's Product Security team on July 8, 2025. The vulnerability has been assigned a CVSS v3.1 score of 4.2 (Medium) (Fortinet PSIRT, NVD).
The vulnerability is classified as a heap-based buffer overflow (CWE-122) in the cw_stad daemon of FortiOS. It specifically affects systems configured as wireless clients and requires authentication to exploit. The vulnerability can be triggered through specially crafted CLI commands. The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L, indicating local access requirements and high privileges needed for exploitation (Fortinet PSIRT).
If successfully exploited, this vulnerability allows an authenticated attacker to escalate privileges and potentially execute arbitrary code or commands on the affected system. The impact is particularly concerning for organizations using FortiWifi models configured as wireless clients (GBHackers, Fortinet PSIRT).
Fortinet has released patches to address this vulnerability. Users are advised to upgrade to the following versions: FortiOS 7.6.3 or above for 7.6.x installations, FortiOS 7.4.8 or above for 7.4.x installations, and FortiOS 7.2.12 or above for 7.2.x installations. Fortinet provides an upgrade tool to help users follow the recommended upgrade path (Fortinet PSIRT).
The cybersecurity community has actively monitored and reported on this vulnerability, with multiple security news platforms covering the issue. The vulnerability has garnered attention due to Fortinet's widespread use in enterprise environments and the potential for privilege escalation (Cybersecurity News, GBHackers).
Source: This report was generated using AI
Free Vulnerability Assessment
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
"We know that if Wiz identifies something as critical, it actually is."