U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2025-53379

Change History

CVE Modified by CISA-ADP 7/14/2026 12:16:42 PM

Action Type Old Value New Value
Added SSVC

                  
                
              
{"timestamp":"2026-07-14T15:55:57.538368Z","id":"CVE-2025-53379","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

New CVE Received from Fortinet, Inc. 7/14/2026 12:16:42 PM

Action Type Old Value New Value
Added Description

                  
                
              
A out-of-bounds read vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.2, FortiAuthenticator 6.5 all versions may allow a remote unauthenticated attacker to retrieve sensitive information via a specially crafted request.
Added CVSS V3.1

                  
                
              
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Added CWE

                  
                
              
CWE-125
Added Reference

                  
                
              
https://fortiguard.fortinet.com/psirt/FG-IR-26-146
Added Affected

                  
                
              
[{"vendor":"Fortinet","product":"FortiAuthenticator","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiauthenticator:6.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.5.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"6.6.0","lessThanOrEqual":"6.6.2","versionType":"semver","status":"affected"},{"version":"6.5.0","lessThanOrEqual":"6.5.7","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.11","versionType":"semver","status":"affected"},{"version":"6.3.0","lessThanOrEqual":"6.3.5","versionType":"semver","status":"affected"}]}]