Medium6.2Fortinet Updated
Missing Authentication for critical function in CAPWAP daemon
FG-IR-26-125 Published Apr 14, 2026Updated by vendor Apr 14, 2026
CVE-2025-53847
Affected products & platforms
FortinetFortiGateFirewallFortiOSFortiSwitch
Summary
CVSSv3 Score: 6.2 A missing authentication for critical function vulnerability [CWE-306] in FortiOS and FortiSwitchManager CAPWAP daemon may allow a local unauthenticated attacker on the same local IP subnet to write device configuration via specially crafted requests.
Affected versions
- FortiOS 7.6: 7.6.0 through 7.6.3
- FortiOS 7.4: 7.4.0 through 7.4.8
- FortiOS 7.2: 7.2.0 through 7.2.11
- FortiOS 7.0: 7.0.0 through 7.0.17
- FortiOS 6.4: 6.4 all versions
- FortiOS 6.2: 6.2.9 through 6.2.17
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Fixed versions
- FortiOS 7.6: 7.6.4
- FortiOS 7.4: 7.4.9
- FortiOS 7.2: 7.2.12
- FortiOS 7.0: 7.0.18
- FortiOS 6.4: migrate to a fixed release
- FortiOS 6.2: migrate to a fixed release
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade per the Affected/Solution table: FortiOS 7.6: 7.6.4; FortiOS 7.4: 7.4.9; FortiOS 7.2: 7.2.12; FortiOS 7.0: 7.0.18; FortiOS 6.4: migrate to a fixed release; ….
Temporary workarounds
- Disable security fabric access into interface.Only allow legit devices in Wifi Controller > Managed FortiAPsRemove inter-controller-peer elements in config wireless-controller inter-controller configuration
- Warning :If auto-auth-extension-device is enabled in config system interface, any devicecan be authorized and then the vulnerability can be exploited without administratorauthorization.Please note that auto-auth-extension-device is disabled by defaultIf inter-controller-peer is set, it is strongly advised to change the inter-controller-key setting, even for fixed versions.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.