Security Advisory
CVE-2025-62631
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a users password change under particular conditions outside of the attackers control