Fortinet on Tuesday introduced patches for six vulnerabilities throughout its merchandise, together with two critical-severity bugs in FortiFone and FortiSIEM.
Probably the most extreme of those flaws is CVE-2025-64155 (CVSS rating of 9.4), an OS command injection challenge in FortiSIEM that might be exploited by unauthenticated attackers for code and command execution.
Exploitable through crafted TCP requests, the safety defect was resolved in FortiSIEM variations 7.1.9, 7.2.7, 7.3.5, and seven.4.1.
Based on Fortinet, solely the Tremendous and Employee nodes are affected, however not Collector nodes. The danger related to the weak spot might be mitigated by limiting entry to the phMonitor port (7900).
The critical-severity FortiFone bug, tracked as CVE-2025-47855 (CVSS rating of 9.3), impacts the equipment’s internet portal and might be exploited with out authentication to leak system configuration through crafted HTTP or HTTPS requests.
The vulnerability was resolved with the discharge of FortiFone variations 3.0.24 and seven.0.2.Commercial. Scroll to proceed studying.
On Tuesday, Fortinet additionally launched fixes for CVE-2025-25249 (CVSS rating of seven.4), a high-severity flaw within the cw_acd daemon element of FortiOS and FortiSwitchManager.
Described as a heap-based buffer overflow challenge, the defect might result in distant, unauthenticated code or command execution and might be exploited through crafted requests.
Patches for the bug have been included in FortiOS variations 7.0.18, 7.2.12, 7.4.9, and seven.6.4, FortiSASE model 25.2.c, and FortiSwitchManager variations 7.0.6 and seven.2.7. Fortinet may also embody the fixes within the upcoming FortiOS model 6.4.17.
As a workaround, Fortinet recommends eradicating ‘material’ entry for every equipment interface, blocking entry to the capwap daemon, or blocking CAPWAP-CONTROL entry to port 5246-5249 for all interfaces with the ‘material’ service.
Fortinet on Tuesday additionally launched patches for 2 medium-severity vulnerabilities in FortiClientEMS and FortiVoice, and for a low-severity bug in FortiSandbox.
The corporate makes no point out of any of those safety defects being exploited within the wild, however customers are suggested to replace their home equipment as quickly as attainable. Extra data might be discovered on Fortinet’s PSIRT advisories web page.
Associated: Adobe Patches Important Apache Tika Bug in ColdFusion
Associated: Fortinet Warns of New Assaults Exploiting Outdated Vulnerability
Associated: In-the-Wild Exploitation of Recent Fortinet Flaws Begins
Associated: Fortinet Patches Important Authentication Bypass Vulnerabilities
