CVE-2025-58413: 
FortiOS vulnerability analysis and mitigation

A stack-based buffer overflow vulnerability (CVE-2025-58413) was discovered in the FortiOS CAPWAP daemon. The vulnerability was initially published on November 18, 2025, and affects multiple versions of FortiOS (6.0 through 7.6.3) and FortiSASE 25.3.b. This security issue has been assigned a medium severity rating with a CVSSv3 score of 6.9 (Fortinet PSIRT, NVD).

The vulnerability is classified as a stack-based buffer overflow (CWE-124) in the CAPWAP daemon of FortiOS. The flaw allows a remote unauthenticated attacker on an adjacent network to potentially achieve arbitrary code execution by sending specially crafted packets. In the default configuration, successful exploitation requires the attacker to control an authorized FortiAP and have access to the same local IP subnet. Additionally, the attacker must bypass both stack protection and ASLR security mechanisms (Fortinet PSIRT).

If successfully exploited, this vulnerability allows attackers to execute unauthorized code or commands on affected systems. The attack requires specific conditions to be met, including network adjacency and control of an authorized FortiAP, which somewhat limits its potential impact (Fortinet PSIRT).

Fortinet has released patches for affected versions. Users of FortiOS 7.6.0-7.6.3 should upgrade to version 7.6.4 or above, while FortiOS 7.4.0-7.4.8 users should upgrade to version 7.4.9 or above. Users of FortiOS versions 7.2, 7.0, 6.4, 6.2, and 6.0 should migrate to a fixed release. For FortiSASE 25.3.b, the issue has been remediated in version 25.3.c. Fortinet provides an upgrade path tool at their documentation site to assist with the upgrade process (Fortinet PSIRT).