CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-22859

A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.2%

CVSS Severity

CVSS v3 Score 5.3

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-552

Products affected by CVE-2025-22859

Fortinet » Forticlientems » Version: 7.4.0

cpe:2.3:a:fortinet:forticlientems:7.4.0
Fortinet » Forticlientems » Version: 7.4.1

cpe:2.3:a:fortinet:forticlientems:7.4.1
Fortinet » Forticlientems Cloud » Version: 7.4.0

cpe:2.3:a:fortinet:forticlientems_cloud:7.4.0
Fortinet » Forticlientems Cloud » Version: 7.4.1

cpe:2.3:a:fortinet:forticlientems_cloud:7.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-22859

Products

Pricing

Contact Us