How severe is CVE-2023-25610?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2023-25610?

This is classified as CWE-124, which is a common weakness in software security.

CVE-2023-25610 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

Related Vulnerabilities

CVE-2018-15361

CRITICAL

CVSS:9.8(Critical)

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vul...

CWE-1242018

CVE-2021-38578

CRITICAL

CVSS:9.8(Critical)

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

CWE-1242021

CVE-2023-32614

CRITICAL

CVSS:9.8(Critical)

A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can p...

CWE-1242023

CVE-2023-48230

CRITICAL

CVSS:9.8(Critical)

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused ...

CWE-1242023

CVE-2022-20683

HIGH

CVSS:8.6(High)

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker...

CWE-1242022

CVE-2025-27439

HIGH

CVSS:8.5(High)

Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.

CWE-1242025