Security Advisory

CVE-2025-25253

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-14 15:22:56

Last updated 2026-02-26 17:47:34

Assigner fortinet

State PUBLISHED

Description

An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions ZTNA proxy may allow an unauthenticated attacker in a man-in-the middle position to intercept and tamper with connections to the ZTNA proxy

← Browse all CVEs View on cve.org ↗