{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-59923", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2025-09-23T12:51:54.672Z", "datePublished": "2025-12-09T17:18:45.658Z", "dateUpdated": "2026-01-14T09:18:46.546Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiAuthenticator", "cpes": ["cpe:2.3:a:fortinet:fortiauthenticator:6.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "6.6.0", "lessThanOrEqual": "6.6.6", "status": "affected"}, {"versionType": "semver", "version": "6.5.0", "lessThanOrEqual": "6.5.6", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.10", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least read-only admin permission to obtain the credentials of other administrators' messaging services via crafted requests."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-01-14T09:18:46.546Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-284", "description": "Escalation of privilege", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to FortiAuthenticator version 8.0.0 or above\nUpgrade to FortiAuthenticator version 6.6.7 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-616", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-616"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-09T20:21:28.611253Z", "id": "CVE-2025-59923", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T20:43:38.470Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-59923", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-09T20:21:28.611253Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T20:21:32.513Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiauthenticator:6.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiAuthenticator", "versions": [{"status": "affected", "version": "6.6.0", "versionType": "semver", "lessThanOrEqual": "6.6.6"}, {"status": "affected", "version": "6.5.0", "versionType": "semver", "lessThanOrEqual": "6.5.6"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.10"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to FortiAuthenticator version 8.0.0 or above\nUpgrade to FortiAuthenticator version 6.6.7 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-616", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-616"}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least read-only admin permission to obtain the credentials of other administrators' messaging services via crafted requests."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "Escalation of privilege"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-12-11T17:08:42.258Z"}}}, "cveMetadata": {"cveId": "CVE-2025-59923", "state": "PUBLISHED", "dateUpdated": "2025-12-11T17:08:42.258Z", "dateReserved": "2025-09-23T12:51:54.672Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-12-09T17:18:45.658Z", "assignerShortName": "fortinet"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC1A8077-94C7-4F49-B819-5A19492C7509", "versionEndIncluding": "6.6.4", "versionStartIncluding": "6.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least read-only admin permission to obtain the credentials of other administrators' messaging services via crafted requests."}], "id": "CVE-2025-59923", "lastModified": "2025-12-11T17:15:56.497", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2025-12-09T18:15:55.663", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-616"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}

{}

{}