CVE-2025-54821 is an improper privilege management vulnerability (CWE-269) identified in Fortinet's FortiProxy, FortiOS, and FortiPAM products across multiple versions, including FortiProxy 7.0.0 through 7.6.3 and FortiOS versions 6.4 through 7.6.3. The flaw allows an authenticated administrator—who already has high privileges—to bypass the trusted host policy by issuing specially crafted CLI commands. The trusted host policy is designed to restrict administrative access to specific IP addresses or hosts; bypassing it can enable an attacker with admin credentials to perform administrative actions from unauthorized locations or systems. The vulnerability requires local access with high privileges and does not require user interaction. The CVSS v3.1 score is 1.8, reflecting low severity due to the prerequisite of high privileges and limited impact scope. The vulnerability affects the integrity of the system by potentially allowing unauthorized administrative commands but does not impact confidentiality or availability. No known exploits have been reported in the wild, and Fortinet has not yet released patches or mitigation guidance. The vulnerability affects a broad range of Fortinet security products widely deployed in enterprise and service provider environments.

For European organizations, the primary risk lies in the potential for an authenticated administrator to circumvent network access restrictions, potentially leading to unauthorized administrative actions that could alter configurations or security policies. While the vulnerability does not directly expose sensitive data or cause service disruption, it undermines access controls that are critical for secure management of Fortinet devices. Organizations relying on Fortinet FortiProxy, FortiOS, or FortiPAM for perimeter security, web proxying, or privileged access management could see increased risk if administrative credentials are compromised or if internal threat actors exploit this flaw. The impact is more pronounced in environments with less stringent internal access controls or where trusted host policies are a key security measure. Given the absence of known exploits, the immediate threat is low, but the vulnerability could be leveraged in targeted attacks or insider threat scenarios. This could affect sectors such as finance, telecommunications, government, and critical infrastructure within Europe, where Fortinet products are commonly deployed.

European organizations should implement the following specific mitigations: 1) Restrict administrative access to Fortinet devices strictly to trusted personnel and enforce strong authentication mechanisms such as multi-factor authentication (MFA). 2) Monitor administrative CLI access logs for unusual commands or access patterns that may indicate attempts to bypass trusted host policies. 3) Apply network segmentation to limit the exposure of management interfaces to only necessary and secure network segments. 4) Temporarily disable or restrict CLI access from less secure or untrusted hosts until patches or official guidance are released by Fortinet. 5) Maintain up-to-date inventories of Fortinet product versions deployed and prepare to apply vendor patches promptly once available. 6) Conduct internal audits of trusted host configurations to ensure they are correctly implemented and enforced. 7) Educate administrators about the risks of privilege misuse and the importance of safeguarding credentials. These steps go beyond generic advice by focusing on access control hardening, monitoring, and operational readiness specific to this vulnerability's nature.