Fortinet and Ivanti have introduced their October 2025 Patch Tuesday updates, which repair probably severe vulnerabilities throughout their merchandise.
Fortinet has printed 29 new advisories overlaying greater than 30 vulnerabilities. A number of of the issues have been assigned a ‘excessive severity’ score, together with CVE-2025-54988, which impacts FortiDLP attributable to its use of Apache Tika. Tika is impacted by a important flaw permitting an attacker to learn delicate knowledge or ship malicious requests to inner sources or third-party servers.
FortiDLP can be affected by CVE-2025-53951 and CVE-2025-54658, which may permit an authenticated attacker to escalate privileges to LocalService or Root by sending a specifically crafted request.
A privilege escalation vulnerability that permits an authenticated attacker to execute system instructions has been patched in FortiOS. The safety gap is tracked as CVE-2025-58325.
One other high-severity difficulty is CVE-2024-33507, which impacts FortiIsolator and permits a distant attacker to make use of specifically crafted cookies to deauthenticate logged-in directors (unauthenticated attacker) or to achieve write privileges (authenticated attacker).
A privilege escalation difficulty within the LaunchDaemon part of FortiClientMac has additionally been categorised as ‘excessive severity’. The difficulty is tracked as CVE-2025-57741.
The final high-severity difficulty is CVE-2025-49201, which impacts FortiPAM and FortiSwitchManager and permits an attacker to bypass authentication via a brute-force assault.
Medium- and low-severity flaws have been patched in FortiOS, FortiPAM, FortiProxy, FortiClientMac, FortiClientWindows, FortiADC, FortiDLP, FortiSwitchManager, FortiManager, FortiAnalyzer, FortiSRA, FortiRecorder, FortiTester, FortiVoice, FortiWeb, FortiSASE, FortiSOAR, and FortiSIEM.Commercial. Scroll to proceed studying.
These weaknesses will be exploited for arbitrary code execution, DLL hijacking, acquiring delicate knowledge, bypassing safety features, inflicting a DoS situation, conducting XSS assaults, redirecting customers, and escalating privileges.
There isn’t any proof that these vulnerabilities have been exploited within the wild. Lots of the points had been found internally by Fortinet.
Ivanti has introduced the supply of patches for vulnerabilities in Endpoint Supervisor Cellular (EPMM) and Neurons for MDM. Ivanti has additionally printed an advisory for Endpoint Supervisor to supply mitigation choices for vulnerabilities disclosed earlier this month.
In EPMM, Ivanti addressed three high-severity flaws that may be exploited by an authenticated attacker with admin privileges to execute arbitrary code. The corporate additionally fastened one medium-severity difficulty permitting an authenticated attacker to put in writing knowledge on the disk.
In Neurons for MDM, Ivanti fastened two high-severity points. One in all them permits an authenticated attacker with admin permissions to “unenroll arbitrary gadgets, inflicting the focused machine to vanish from the Unified Endpoint Supervisor UI”. The second difficulty is an MFA bypass that may be exploited by a distant, authenticated attacker.
A medium-severity flaw permitting a distant, unauthenticated attacker to entry delicate consumer data through an API endpoint has additionally been fastened in Neurons for MDM.
Ivanti additionally mentioned it has no proof that any of those vulnerabilities are being exploited within the wild.
Nonetheless, each Ivanti and Fortinet product vulnerabilities are sometimes focused by menace actors and it’s vital that their prospects apply obtainable patches as quickly as doable.
Associated: CISA Analyzes Malware From Ivanti EPMM Intrusions
Associated: Cisco, Fortinet, Palo Alto Networks Gadgets Focused in Coordinated Marketing campaign
Associated: ZDI Drops 13 Unpatched Ivanti Endpoint Supervisor Vulnerabilities
