CVE-2025-64447

A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an unauthenticated attacker to execute arbitrary operations on the system via crafted HTTP or HTTPS request via forged cookies, requiring prior knowledge of the FortiWeb serial number.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-25-945	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::

History

09 Dec 2025, 20:40

Type	Values Removed	Values Added
CPE		cpe:2.3:a:fortinet:fortiweb::::::::
First Time		Fortinet Fortinet fortiweb
References	~~() https://fortiguard.fortinet.com/psirt/FG-IR-25-945 -~~	() https://fortiguard.fortinet.com/psirt/FG-IR-25-945 - Vendor Advisory

09 Dec 2025, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-09 18:16

Updated : 2025-12-09 20:40

NVD link : CVE-2025-64447

Mitre link : CVE-2025-64447

CVE.ORG link : CVE-2025-64447

JSON object : View

Products Affected

fortinet

fortiweb

CWE

CWE-565

Reliance on Cookies without Validation and Integrity Checking

{"id": "CVE-2025-64447", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2025-12-09T18:16:05.227", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-945", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-565"}]}], "descriptions": [{"lang": "en", "value": "A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an unauthenticated attacker to execute arbitrary operations on the system via crafted HTTP or HTTPS request via forged cookies, requiring prior knowledge of the FortiWeb serial number."}], "lastModified": "2025-12-09T20:40:27.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B46A0B2-ED2C-4836-8E72-CE1D4F3545E5", "versionEndIncluding": "7.0.11", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E60D5043-7CE7-4DD1-B2DB-B6B08ABFAD13", "versionEndIncluding": "7.2.11", "versionStartIncluding": "7.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF87852D-C4E8-441A-9443-CB0BA0812568", "versionEndIncluding": "7.4.10", "versionStartIncluding": "7.4.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A162A55D-A22C-43F3-A77A-B8FB8214D6C3", "versionEndIncluding": "7.6.5", "versionStartIncluding": "7.6.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A628CC4-1789-4DAB-AFF0-96EDD7AEF0A6", "versionEndIncluding": "8.0.1", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}