Fortinet has issued an urgent advisory disclosing a weak-authentication vulnerability in its FortiPAM and FortiSwitchManager products that could allow attackers to bypass authentication entirely through brute-force attempts.
Tracked as CVE-2025-49201, the flaw stems from a weak authentication mechanism in the Web Application Delivery (WAD) and graphical user interface (GUI) components and is classified under CWE-1390 (Weak Authentication).
Fortinet rates it High severity with a CVSS v3.1 score of 7.4; a successful bypass could lead to unauthorized code execution or command injection, potentially giving a remote attacker full control of the affected system.
The issue affects several versions of FortiPAM, Fortinet's privileged access management solution, and selected releases of FortiSwitchManager, which manages network switch configurations.
Specifically, FortiPAM 1.5.0, 1.4.0 through 1.4.2, and every release of the 1.3, 1.2, 1.1 and 1.0 branches are vulnerable. For FortiSwitchManager, versions 7.2.0 through 7.2.4 of the 7.2 branch are affected, while the 7.0 branch is not.
Product                 | Affected versions    | Solution
FortiPAM 1.7            | Not affected         | Not applicable
FortiPAM 1.6            | Not affected         | Not applicable
FortiPAM 1.5            | 1.5.0                | Upgrade to 1.5.1 or above
FortiPAM 1.4            | 1.4.0 through 1.4.2  | Upgrade to 1.4.3 or above
FortiPAM 1.3            | 1.3 all versions     | Migrate to a fixed release
FortiPAM 1.2            | 1.2 all versions     | Migrate to a fixed release
FortiPAM 1.1            | 1.1 all versions     | Migrate to a fixed release
FortiPAM 1.0            | 1.0 all versions     | Migrate to a fixed release
FortiSwitchManager 7.2  | 7.2.0 through 7.2.4  | Upgrade to 7.2.5 or above
FortiSwitchManager 7.0  | Not affected         | Not applicable
Exploitation requires network access to the affected service and relies on sustained brute-force attempts over time, so limiting which networks can reach the administrative interface reduces exposure until patches are applied. No public exploit has surfaced so far.
Fortinet urges immediate patching. Users on vulnerable FortiPAM 1.5 should upgrade to 1.5.1 or later, and those on 1.4 need 1.4.3 or above. For the 1.3 and older branches, migration to a fixed release is required.
FortiSwitchManager 7.2 users should update to 7.2.5 or later. The company also recommends monitoring for unusual login attempts and enforcing multi-factor authentication as interim defenses.
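The "monitor for unusual login attempts" advice above is only useful if the monitoring catches both a fast burst of failures and the patient, low-rate attempt the advisory warns about. The script below is an added example (not Fortinet's code and not tied to the real FortiPAM or FortiSwitchManager log schema): it runs two detection rules over a constructed, simplified login-event format and flags a burst of failures from one source, a success that follows such a burst, and a slow campaign that rotates source addresses to stay under the burst rate. The field names, thresholds and sample addresses are assumptions; adapt the regex to the device's actual event-log fields before use.

```python
"""Brute-force login detection over login events (added example, not vendor code).

Two complementary rules:
  burst : >= burst_threshold failures for one (src, user) inside a sliding window,
          plus a flag when a success follows the burst (the sign a bypass may have
          worked).
  slow  : total failures per user across all sources >= slow_threshold, which
          catches a patient attacker spreading attempts over time and addresses.
The log format is constructed for this example; real FortiPAM/FortiSwitchManager
logs carry equivalent fields under other names (assumption).
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)\s+src=(?P<src>\S+)\s+"
    r"user=(?P<user>\S+)\s+action=login\s+status=(?P<status>failed|success)$"
)


def parse_line(line):
    """Return (ts, src, user, status) for a matching line, else None."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["src"], m["user"], m["status"]


def detect_bruteforce(lines, burst_threshold=5, window=timedelta(minutes=5),
                      slow_threshold=20):
    """Return (burst_alerts, slow_alerts) computed over the given log lines."""
    events = sorted(e for e in map(parse_line, lines) if e is not None)
    recent = defaultdict(deque)        # (src, user) -> timestamps of failures in window
    burst = {}                         # (src, user) -> alert details
    per_user_failures = defaultdict(int)
    for ts, src, user, status in events:
        key = (src, user)
        q = recent[key]
        if status == "failed":
            per_user_failures[user] += 1
            q.append(ts)
            while q and ts - q[0] > window:   # drop failures older than the window
                q.popleft()
            if len(q) >= burst_threshold and key not in burst:
                burst[key] = {"failures": len(q), "first": q[0], "last": ts,
                              "success_after": False}
            elif key in burst:
                burst[key]["last"] = ts
        else:
            # A success within the window after a flagged burst is the strongest signal.
            if key in burst and q and ts - q[-1] <= window:
                burst[key]["success_after"] = True
    slow = {u: n for u, n in per_user_failures.items() if n >= slow_threshold}
    return burst, slow


def _fmt(ts, src, user, status):
    return f"{ts:%Y-%m-%dT%H:%M:%SZ} src={src} user={user} action=login status={status}"


def constructed_sample():
    """Constructed sample events (not real device output)."""
    base = datetime(2025, 10, 14, 9, 0, 0)
    lines = []
    # 1) burst: six failures in 75 s against 'admin' from one address, then a success
    for i in range(6):
        lines.append(_fmt(base + timedelta(seconds=15 * i), "203.0.113.5", "admin", "failed"))
    lines.append(_fmt(base + timedelta(seconds=90), "203.0.113.5", "admin", "success"))
    # 2) benign: an operator mistypes twice, then logs in
    lines.append(_fmt(base + timedelta(minutes=1), "198.51.100.7", "ops", "failed"))
    lines.append(_fmt(base + timedelta(minutes=1, seconds=20), "198.51.100.7", "ops", "failed"))
    lines.append(_fmt(base + timedelta(minutes=1, seconds=40), "198.51.100.7", "ops", "success"))
    # 3) low and slow: one failure every six minutes against 'svc_backup', each from a new address
    for i in range(24):
        lines.append(_fmt(base + timedelta(minutes=6 * i), f"192.0.2.{10 + i}", "svc_backup", "failed"))
    lines.append("unrelated line that the parser must ignore")
    return lines


if __name__ == "__main__":
    bursts, slows = detect_bruteforce(constructed_sample())
    for (src, user), info in bursts.items():
        print(f"BURST  {user}@{src}: {info['failures']} failures from {info['first']:%H:%M:%S}"
              f" (success followed: {info['success_after']})")
    for user, n in slows.items():
        print(f"SLOW   {user}: {n} failures across sources")
```

The burst rule alone misses case 3, where each (src, user) pair fails only once; counting failures per account across all sources is what surfaces the patient campaign, at the cost of needing a higher threshold to avoid flagging ordinary typos.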
The vulnerability was discovered internally by Gwendal Guégniaud of Fortinet's Product Security team and disclosed on October 14, 2025, under the internal reference FG-IR-25-010.
The disclosure comes amid growing concern over supply-chain attacks targeting network management tools, underscoring the need for prompt updates in enterprise environments.