Fortinet on Tuesday introduced patches for a dozen vulnerabilities throughout its product portfolio, together with a vital zero-day bug exploited within the wild in opposition to FortiVoice cellphone system home equipment.
The exploited flaw, tracked as CVE-2025-32756 (CVSS rating of 9.6), is described as a stack-based overflow defect that permits unauthenticated, distant attackers to execute arbitrary code or instructions utilizing crafted HTTP requests.
“Fortinet has noticed this to be exploited within the wild on FortiVoice,” the corporate notes in its advisory.
As a part of the noticed assaults, risk actors scanned the system community, erased system crashlogs, after which enabled fcgi debugging to log system credentials and SSH logins.
Fortinet has shared indicators of compromise (IoCs) to assist clients hunt for potential breaches and proposes disabling the HTTP/HTTPS administrative interface as a workaround.
Though exploited solely in opposition to FortiVoice situations, CVE-2025-32756 additionally impacts FortiMail, FortiNDR, FortiRecorder, and FortiCamera, and safety updates have been launched for all 5 merchandise.
On Tuesday, Fortinet additionally launched patches for a vital flaw in FortiOS, FortiProxy, and FortiSwitchManager. Tracked as CVE-2025-22252 (CVSS rating of 9.0) and described as a lacking authentication for vital perform defect, it may result in TACACS+ authentication bypass.
It solely impacts situations which have “TACACS+ configured to make use of a distant TACACS+ server for authentication, that has itself been configured to make use of ASCII authentication”. An attacker may goal an current administrative account to entry the system with admin privileges.Commercial. Scroll to proceed studying.
“This vulnerability is restricted to configurations the place ASCII authentication is used. PAP, MSCHAP, and CHAP configurations usually are not impacted,” Fortinet notes.
The corporate additionally resolved a high-severity incorrect authorization situation in FortiClient for macOS (CVE-2025-25251) that would permit an area attacker to raise their privileges utilizing crafted XPC messages.
Patches have been additionally launched for a number of medium- and low-severity flaws in FortiClient, FortiOS Safety Cloth, FortiManager, FortiOS, FortiVoiceUC, and FortiPortal.
Moreover, the corporate has up to date the advisories for 4 bugs to incorporate extra affected merchandise. Three of those impression OpenSSH and two resolve the Terrapin and regreSSHion assaults disclosed final yr.
Fortinet clients are suggested to use the newly launched patches as quickly as doable. Extra info might be discovered on Fortinet’s PSIRT advisories web page.
Associated: Risk Actor Allegedly Promoting Fortinet Firewall Zero-Day Exploit
Associated: Fortinet Patches Crucial FortiSwitch Vulnerability
Associated: Current Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Assaults
Associated: Fortinet Patches 18 Vulnerabilities
