{"uuid": "48d3bc1d-ce6b-4a0d-93f6-aec07945969d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "title": "Authentication Vulnerability in FortiOS, FortiProxy, and FortiSwitchManager leads to Unauthenticated Admin Access", "description": "### Risks\n\nFortiOS, FortiProxy, and FortiSwitchManager are core components of Fortinet\u2019s network security and management infrastructure, which provide firewalling, proxy services, and centralized switch management.\n\nCVE-2025-22252 is a missing authentication vulnerability that allows an unauthenticated attacker with knowledge of an existing admin account to access the device as a valid admin. Exploitation of this flaw could grant attackers unauthorized control over network infrastructure, threatening confidentiality through data exposure, integrity via configuration tampering, and availability by disrupting critical services.\n\n\n### Description\n\nCVE-2025-22252 is a missing authentication for critical function vulnerability in devices configured to authenticate against a remote TACACS+ server using ASCII authentication. It may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass, potentially resulting in complete system compromise, data theft and service disruption.", "description_format": "markdown", "vulnerability": "CVE-2025-22252", "creation_timestamp": "2025-05-15T12:16:29.052130+00:00", "timestamp": "2025-05-15T12:16:29.052130+00:00", "related_vulnerabilities": ["CVE-2025-22252"], "meta": [{"ref": ["https://ccb.belgium.be/advisories/warning-cve-2025-22252-missing-authentication-vulnerability-fortios-fortiproxy-and"], "tags": ["vulnerability:information=remediation", "vulnerability:origin=software"]}], "author": {"login": "cedric", "name": "C\u00e9dric Bonhomme", "uuid": "af0120d0-3dac-4a6a-974b-a9f33d2a9846"}}
