CVE-2025-25250: 
FortiOS vulnerability analysis and mitigation

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability (CVE-2025-25250) was discovered in FortiOS SSL-VPN web-mode. The vulnerability affects FortiOS versions 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions, and FortiSASE version 25.1.c. The vulnerability was publicly disclosed on June 10, 2025 (Fortinet PSIRT).

The vulnerability is classified as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). It has been assigned a CVSS v3.1 base score of 4.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. The vulnerability specifically affects the SSL-VPN web-mode component of the affected systems (NVD).

The vulnerability may allow an authenticated user to access full SSL-VPN settings through a crafted URL, potentially exposing sensitive configuration information (Fortinet PSIRT).

Fortinet has released fixes for the affected versions. Users should upgrade FortiOS 7.6.0 to version 7.6.1 or above, FortiOS 7.4.0 through 7.4.7 to version 7.4.8 or above. For FortiOS versions 7.2, 7.0, and 6.4 (all versions), users should migrate to a fixed release. FortiSASE users should note that version 25.2.a contains the fix, and no action is required from customers (Fortinet PSIRT).