diff --git a/docs/release-notes/version-3.3.md b/docs/release-notes/version-3.3.md
index fe37cce3e..0015dc2df 100644
--- a/docs/release-notes/version-3.3.md
+++ b/docs/release-notes/version-3.3.md
@@ -21,6 +21,7 @@
 * [#10655](https://github.com/netbox-community/netbox/issues/10655) - Correct display of assigned contacts in object tables
 * [#10712](https://github.com/netbox-community/netbox/issues/10712) - Fix ModuleNotFoundError exception when generating API schema under Python 3.9+
 * [#10716](https://github.com/netbox-community/netbox/issues/10716) - Add left/right page plugin content embeds for tag view
+* [#10719](https://github.com/netbox-community/netbox/issues/10719) - Prevent user without sufficient permission from creating an IP address via FHRP group creation
 * [#10723](https://github.com/netbox-community/netbox/issues/10723) - Distinguish between inside/outside NAT assignments for device/VM primary IPs
 * [#10745](https://github.com/netbox-community/netbox/issues/10745) - Correct display of status field in clusters list
 * [#10746](https://github.com/netbox-community/netbox/issues/10746) - Add missing status attribute to cluster view
diff --git a/netbox/ipam/forms/models.py b/netbox/ipam/forms/models.py
index f66b7efba..1986b1590 100644
--- a/netbox/ipam/forms/models.py
+++ b/netbox/ipam/forms/models.py
@@ -552,6 +552,7 @@ class FHRPGroupForm(NetBoxModelForm):
 def save(self, *args, **kwargs):
 instance = super().save(*args, **kwargs)
+ user = getattr(instance, '_user', None) # Set under FHRPGroupEditView.alter_object()
 # Check if we need to create a new IPAddress for the group
 if self.cleaned_data.get('ip_address'):
@@ -565,7 +566,7 @@ class FHRPGroupForm(NetBoxModelForm):
 ipaddress.save()
 # Check that the new IPAddress conforms with any assigned object-level permissions
- if not IPAddress.objects.filter(pk=ipaddress.pk).first():
+ if not IPAddress.objects.restrict(user, 'add').filter(pk=ipaddress.pk).first():
 raise PermissionsViolation()
 return instance
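Review bot: The `None` fallback in `user = getattr(instance, '_user', None)` hides the case where `FHRPGroupForm.save()` runs without `FHRPGroupEditView.alter_object()` having set `_user`, and that `None` is then passed to `restrict(user, 'add')` in the later hunk. How `restrict()` handles a missing user is not visible in this diff, so the result on that path is undefined from the reader's point of view. Failing closed explicitly would make the intent clear, for example `if user is None: raise PermissionsViolation()` placed inside the `if self.cleaned_data.get('ip_address'):` branch so that saves without an IP address are unaffected. The body of save() continues outside this hunk.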
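Review bot: The permission check still runs after `ipaddress.save()`, so denying the request depends on the caller rolling the write back when `PermissionsViolation` is raised. No transaction is opened in the visible part of save(); presumably the edit view wraps the form save in one, and that dependency deserves a comment such as `# Relies on the calling view's transaction to roll back the new IPAddress on PermissionsViolation`. The existing comment above the check could also say that the 'add' action is evaluated for the requesting user, since the previous unrestricted lookup matched any saved row. The enclosing method starts outside this hunk.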
diff --git a/netbox/ipam/views.py b/netbox/ipam/views.py
index 04d07e356..72483d40f 100644
--- a/netbox/ipam/views.py
+++ b/netbox/ipam/views.py
@@ -930,6 +930,12 @@ class FHRPGroupEditView(generic.ObjectEditView):
 return return_url
+ def alter_object(self, obj, request, url_args, url_kwargs):
+ # Workaround to solve #10719. Capture the current user on the FHRPGroup instance so that
+ # we can evaluate permissions during the creation of a new IPAddress within the form.
+ obj._user = request.user
+ return obj
+
 class FHRPGroupDeleteView(generic.ObjectDeleteView):
 queryset = FHRPGroup.objects.all()
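Review bot: The `_user` attribute set in `alter_object()` is an undocumented contract between this view and the form: nothing here names the consumer, and the attribute is not declared on the model. The comment should point at the reader of the value, for example `# Read by FHRPGroupForm.save() to restrict the implicit IPAddress creation to this user's 'add' permission`. No regression test is visible in this diff; a case with a user who may add FHRP groups but not IP addresses would pin the behaviour the fix is meant to guarantee.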