■■■■□ Fortinet disclosed a significant security flaw in its FortiOS operating system, identified as CVE-2025-24477. This heap-based buffer overflow vulnerability, classified under CWE-122, affects the cw_stad daemon and could enable an authenticated attacker to execute arbitrary code or commands through specially crafted requests.
FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code