cvelistv5 - cve-2025-32756

CVE-2025-32756 (GCVE-0-2025-32756)

Vulnerability from cvelistv5

Published

2025-05-13 14:46

Modified

2026-02-26 18:28

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RC:C

CWE

CWE-121 - Execute unauthorized code or commands

Summary

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

References

URL

Tags

https://fortiguard.fortinet.com/psirt/FG-IR-25-254

Impacted products

Vendor

Product

Version

Fortinet

FortiNDR

Version: 7.6.0
Version: 7.4.0   ≤ 7.4.7
Version: 7.2.0   ≤ 7.2.4
Version: 7.1.0   ≤ 7.1.1
Version: 7.0.0   ≤ 7.0.6
Version: 1.5.0   ≤ 1.5.3
Version: 1.4.0
Version: 1.3.0   ≤ 1.3.1
Version: 1.2.0
Version: 1.1.0
    cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*

Fortinet	FortiCamera	Version: 2.1.0 ≤ 2.1.3 Version: 2.0.0 Version: 1.1.0 ≤ 1.1.5 cpe:2.3:a:fortinet:forticamera:2.1.3:::::::* cpe:2.3:a:fortinet:forticamera:2.1.2:::::::* cpe:2.3:a:fortinet:forticamera:2.1.1:::::::* cpe:2.3:a:fortinet:forticamera:2.1.0:::::::* cpe:2.3:a:fortinet:forticamera:2.0.0:::::::* cpe:2.3:a:fortinet:forticamera:1.1.5:::::::* cpe:2.3:a:fortinet:forticamera:1.1.4:::::::* cpe:2.3:a:fortinet:forticamera:1.1.3:::::::* cpe:2.3:a:fortinet:forticamera:1.1.2:::::::* cpe:2.3:a:fortinet:forticamera:1.1.1:::::::* cpe:2.3:a:fortinet:forticamera:1.1.0:::::::*
Fortinet	FortiRecorder	Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.5 Version: 6.4.0 ≤ 6.4.5 cpe:2.3:a:fortinet:fortirecorder:7.2.3:::::::* cpe:2.3:a:fortinet:fortirecorder:7.2.2:::::::* cpe:2.3:a:fortinet:fortirecorder:7.2.1:::::::* cpe:2.3:a:fortinet:fortirecorder:7.2.0:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.5:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.4:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.3:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.2:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.1:::::::* cpe:2.3:a:fortinet:fortirecorder:7.0.0:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.5:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.4:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.3:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.2:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.1:::::::* cpe:2.3:a:fortinet:fortirecorder:6.4.0:::::::*
Fortinet	FortiVoice	Version: 7.2.0 Version: 7.0.0 ≤ 7.0.6 Version: 6.4.0 ≤ 6.4.10 cpe:2.3:a:fortinet:fortivoice:7.2.0:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.6:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.5:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.4:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.3:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.2:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.1:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.0:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.10:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.9:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.8:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.7:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.6:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.5:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.4:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.3:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.2:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.1:::::::* cpe:2.3:a:fortinet:fortivoice:6.4.0:::::::*
Fortinet	FortiMail	Version: 7.6.0 ≤ 7.6.2 Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.7 Version: 7.0.0 ≤ 7.0.8 cpe:2.3:a:fortinet:fortimail:7.6.2:::::::* cpe:2.3:a:fortinet:fortimail:7.6.1:::::::* cpe:2.3:a:fortinet:fortimail:7.6.0:::::::* cpe:2.3:a:fortinet:fortimail:7.4.4:::::::* cpe:2.3:a:fortinet:fortimail:7.4.3:::::::* cpe:2.3:a:fortinet:fortimail:7.4.2:::::::* cpe:2.3:a:fortinet:fortimail:7.4.1:::::::* cpe:2.3:a:fortinet:fortimail:7.4.0:::::::* cpe:2.3:a:fortinet:fortimail:7.2.7:::::::* cpe:2.3:a:fortinet:fortimail:7.2.6:::::::* cpe:2.3:a:fortinet:fortimail:7.2.5:::::::* cpe:2.3:a:fortinet:fortimail:7.2.4:::::::* cpe:2.3:a:fortinet:fortimail:7.2.3:::::::* cpe:2.3:a:fortinet:fortimail:7.2.2:::::::* cpe:2.3:a:fortinet:fortimail:7.2.1:::::::* cpe:2.3:a:fortinet:fortimail:7.2.0:::::::* cpe:2.3:a:fortinet:fortimail:7.0.8:::::::* cpe:2.3:a:fortinet:fortimail:7.0.7:::::::* cpe:2.3:a:fortinet:fortimail:7.0.6:::::::* cpe:2.3:a:fortinet:fortimail:7.0.5:::::::* cpe:2.3:a:fortinet:fortimail:7.0.4:::::::* cpe:2.3:a:fortinet:fortimail:7.0.3:::::::* cpe:2.3:a:fortinet:fortimail:7.0.2:::::::* cpe:2.3:a:fortinet:fortimail:7.0.1:::::::* cpe:2.3:a:fortinet:fortimail:7.0.0:::::::*

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2025-05-14

Due date: 2025-06-04

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://fortiguard.fortinet.com/psirt/FG-IR-25-254 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32756

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32756",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-15T04:01:18.017087Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-05-14",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32756"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:36.454Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32756"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-05-14T00:00:00.000Z",
            "value": "CVE-2025-32756 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiNDR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "lessThanOrEqual": "7.4.7",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.4",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.1.1",
              "status": "affected",
              "version": "7.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.6",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.5.3",
              "status": "affected",
              "version": "1.5.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.4.0"
            },
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "1.3.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.2.0"
            },
            {
              "status": "affected",
              "version": "1.1.0"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:forticamera:2.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:2.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:2.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:2.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:2.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:forticamera:1.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiCamera",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "2.1.3",
              "status": "affected",
              "version": "2.1.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "lessThanOrEqual": "1.1.5",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiRecorder",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.3",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.5",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.5",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiVoice",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "lessThanOrEqual": "7.0.6",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.10",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiMail",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.2",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.4",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.7",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.8",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-15T12:54:22.845Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to FortiNDR version 7.6.1 or above\nUpgrade to FortiNDR version 7.4.8 or above\nUpgrade to FortiNDR version 7.2.5 or above\nUpgrade to FortiNDR version 7.0.7 or above\nUpgrade to FortiCamera version 2.1.4 or above\nUpgrade to FortiRecorder version 7.2.4 or above\nUpgrade to FortiRecorder version 7.0.6 or above\nUpgrade to FortiRecorder version 6.4.6 or above\nUpgrade to FortiVoice version 7.2.1 or above\nUpgrade to FortiVoice version 7.0.7 or above\nUpgrade to FortiVoice version 6.4.11 or above\nUpgrade to FortiMail version 7.6.3 or above\nUpgrade to FortiMail version 7.4.5 or above\nUpgrade to FortiMail version 7.2.8 or above\nUpgrade to FortiMail version 7.0.9 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2025-32756",
    "datePublished": "2025-05-13T14:46:44.208Z",
    "dateReserved": "2025-04-10T08:12:12.347Z",
    "dateUpdated": "2026-02-26T18:28:36.454Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2025-32756",
      "cwes": "[\"CWE-124\"]",
      "dateAdded": "2025-05-14",
      "dueDate": "2025-06-04",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32756",
      "product": "Multiple Products",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.",
      "vendorProject": "Fortinet",
      "vulnerabilityName": "Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability"
    }
  }
}

CERTFR-2025-AVI-0399

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Fortinet indique que la vulnérabilité CVE-2025-32756 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Fortinet	FortiClient	FortiClientMac versions 7.4.x antérieures à 7.4.3
Fortinet	FortiPortal	FortiPortal versions 7.0.x antérieures à 7.0.10
Fortinet	FortiMail	FortiMail versions 7.4.x antérieures à 7.4.5
Fortinet	FortiOS	FortiOS versions 7.4.x antérieures à 7.4.7
Fortinet	FortiNDR	FortiNDR versions 7.1.x à 7.2.x antérieures à 7.2.5
Fortinet	FortiNDR	FortiNDR versions 7.6.x antérieures à 7.6.1
Fortinet	FortiManager	FortiManager versions 7.2.x antérieures à 7.2.2
Fortinet	FortiMail	FortiMail versions 7.6.x antérieures à 7.6.3
Fortinet	FortiClientEMS	FortiClientEMS Cloud versions 7.4.x antérieures à 7.4.3
Fortinet	FortiRecorder	FortiRecorder versions 7.0.x antérieures à 7.0.6
Fortinet	FortiManager	FortiManager versions 7.0.x antérieures à 7.0.8
Fortinet	FortiVoice	FortiVoice versions 7.2.x antérieures à 7.2.1
Fortinet	FortiRecorder	FortiRecorder versions 7.2.x antérieures à 7.2.4
Fortinet	FortiNDR	FortiNDR versions antérieures à 7.0.7
Fortinet	FortiOS	FortiOS versions 7.2.x antérieures à 7.2.8
Fortinet	FortiProxy	FortiProxy versions 7.6.x antérieures à 7.6.2
Fortinet	FortiOS	FortiOS versions 7.6.x antérieures à 7.6.1
Fortinet	FortiVoice	FortiVoice versions 7.0.x antérieures à 7.0.7
Fortinet	FortiClient	FortiClientMac versions 7.x antérieures à 7.2.9
Fortinet	FortiRecorder	FortiRecorder versions 6.4.x antérieures à 6.4.6
Fortinet	FortiClient	FortiClientWindows versions 7.2.x antérieures à 7.2.2
Fortinet	FortiCamera	FortiCamera versions antérieures à 2.1.4
Fortinet	FortiPortal	FortiPortal versions 7.4.x antérieures à 7.4.2
Fortinet	FortiClientEMS	FortiClientEMS versions 7.4.x antérieures à 7.4.3
Fortinet	FortiSwitch	FortiSwitchManager versions 7.2.x antérieures à 7.2.6
Fortinet	FortiOS	FortiOS versions antérieures à 7.0.15
Fortinet	FortiMail	FortiMail versions 7.2.x antérieures à 7.2.8
Fortinet	FortiVoice	FortiVoiceUCDesktop versions antérieures à 7.0
Fortinet	FortiVoice	FortiVoice versions 6.4.x antérieures à 6.4.11
Fortinet	FortiNDR	FortiNDR versions 7.4.x antérieures à 7.4.8
Fortinet	FortiMail	FortiMail versions 7.0.x antérieures à 7.0.9
Fortinet	FortiPortal	FortiPortal versions 7.2.x antérieures à 7.2.6

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-24-472	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-552	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-381	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-548	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-025	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-388	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-380	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-016	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-254	2025-05-13	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-023	2025-05-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiClientMac versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
      "product": {
        "name": "FortiClient",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiPortal versions 7.0.x ant\u00e9rieures \u00e0 7.0.10",
      "product": {
        "name": "FortiPortal",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.4.x ant\u00e9rieures \u00e0 7.4.7",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.1.x \u00e0 7.2.x ant\u00e9rieures \u00e0 7.2.5",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiClientEMS Cloud versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
      "product": {
        "name": "FortiClientEMS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 7.0.x ant\u00e9rieures \u00e0 7.0.6",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.8",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.1",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 7.2.x ant\u00e9rieures \u00e0 7.2.4",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions ant\u00e9rieures \u00e0 7.0.7",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiProxy versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
      "product": {
        "name": "FortiProxy",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.7",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiClientMac versions 7.x ant\u00e9rieures \u00e0 7.2.9",
      "product": {
        "name": "FortiClient",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 6.4.x ant\u00e9rieures \u00e0 6.4.6",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiClientWindows versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
      "product": {
        "name": "FortiClient",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiCamera versions ant\u00e9rieures \u00e0 2.1.4",
      "product": {
        "name": "FortiCamera",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiPortal versions 7.4.x ant\u00e9rieures \u00e0 7.4.2",
      "product": {
        "name": "FortiPortal",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiClientEMS versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
      "product": {
        "name": "FortiClientEMS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSwitchManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
      "product": {
        "name": "FortiSwitch",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions ant\u00e9rieures \u00e0 7.0.15",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoiceUCDesktop versions ant\u00e9rieures \u00e0 7.0",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 6.4.x ant\u00e9rieures \u00e0 6.4.11",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.4.x ant\u00e9rieures \u00e0 7.4.8",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.9",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiPortal versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
      "product": {
        "name": "FortiPortal",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-25251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25251"
    },
    {
      "name": "CVE-2025-47294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47294"
    },
    {
      "name": "CVE-2025-24473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24473"
    },
    {
      "name": "CVE-2024-54020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54020"
    },
    {
      "name": "CVE-2025-46777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46777"
    },
    {
      "name": "CVE-2024-35281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35281"
    },
    {
      "name": "CVE-2025-32756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32756"
    },
    {
      "name": "CVE-2025-22252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22252"
    },
    {
      "name": "CVE-2025-47295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47295"
    },
    {
      "name": "CVE-2025-22859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22859"
    }
  ],
  "initial_release_date": "2025-05-13T00:00:00",
  "last_revision_date": "2025-05-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0399",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nFortinet indique que la vuln\u00e9rabilit\u00e9 CVE-2025-32756 est activement exploit\u00e9e.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-472",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-472"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-552",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-552"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-381",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-381"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-548",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-548"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-025",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-025"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-388",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-388"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-380",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-380"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-016",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-016"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-254",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-254"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-023",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-023"
    }
  ]
}

CERTFR-2025-ALE-006

Vulnerability from certfr_alerte

Le 13 mai 2025, Fortinet a publié un avis de sécurité concernant la vulnérabilité CVE-2025-32756. Celle-ci permet à un attaquant non authentifié d'exécuter du code arbitraire à distance.

L'éditeur indique que cette vulnérabilité est activement exploitée. Les exploitations constatées jusqu'ici concernent les produits FortiVoice.

Fortinet fournit également des marqueurs de compromission à rechercher.

Solutions

Le CERT-FR recommande l'application des correctifs dans les plus brefs délais, se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Si cela n'est pas possible, l'éditeur recommande de désactiver l'interface de gestion. Le CERT-FR rappelle que l'exposition d'une interface de gestion sur Internet est contraire aux bonnes pratiques.

Impacted products

Vendor	Product	Description
Fortinet	FortiMail	FortiMail versions 7.4.x antérieures à 7.4.5
Fortinet	FortiNDR	FortiNDR versions 7.1.x à 7.2.x antérieures à 7.2.5
Fortinet	FortiNDR	FortiNDR versions 7.6.x antérieures à 7.6.1
Fortinet	FortiMail	FortiMail versions 7.6.x antérieures à 7.6.3
Fortinet	FortiRecorder	FortiRecorder versions 7.0.x antérieures à 7.0.6
Fortinet	FortiVoice	FortiVoice versions 7.2.x antérieures à 7.2.1
Fortinet	FortiRecorder	FortiRecorder versions 7.2.x antérieures à 7.2.4
Fortinet	FortiNDR	FortiNDR versions antérieures à 7.0.7
Fortinet	FortiVoice	FortiVoice versions 7.0.x antérieures à 7.0.7
Fortinet	FortiRecorder	FortiRecorder versions 6.4.x antérieures à 6.4.6
Fortinet	FortiCamera	FortiCamera versions antérieures à 2.1.4
Fortinet	FortiMail	FortiMail versions 7.2.x antérieures à 7.2.8
Fortinet	FortiVoice	FortiVoice versions 6.4.x antérieures à 6.4.11
Fortinet	FortiNDR	FortiNDR versions 7.4.x antérieures à 7.4.8
Fortinet	FortiMail	FortiMail versions 7.0.x antérieures à 7.0.9

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-25-254	2025-05-13	vendor-advisory
Avis CERT-FR CERTFR-2025-AVI-0399 du 13 mai 2025	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.1.x \u00e0 7.2.x ant\u00e9rieures \u00e0 7.2.5",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 7.0.x ant\u00e9rieures \u00e0 7.0.6",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.1",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 7.2.x ant\u00e9rieures \u00e0 7.2.4",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions ant\u00e9rieures \u00e0 7.0.7",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.7",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder versions 6.4.x ant\u00e9rieures \u00e0 6.4.6",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiCamera versions ant\u00e9rieures \u00e0 2.1.4",
      "product": {
        "name": "FortiCamera",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 6.4.x ant\u00e9rieures \u00e0 6.4.11",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiNDR versions 7.4.x ant\u00e9rieures \u00e0 7.4.8",
      "product": {
        "name": "FortiNDR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.9",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "closed_at": "2025-06-24",
  "content": "## Solutions\n\nLe CERT-FR recommande l\u0027application des correctifs dans les plus brefs d\u00e9lais, se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).\n\n Si cela n\u0027est pas possible, l\u0027\u00e9diteur recommande de d\u00e9sactiver l\u0027interface de gestion. Le CERT-FR rappelle que l\u0027exposition d\u0027une interface de gestion sur Internet est contraire aux bonnes pratiques.",
  "cves": [
    {
      "name": "CVE-2025-32756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32756"
    }
  ],
  "initial_release_date": "2025-05-13T00:00:00",
  "last_revision_date": "2025-06-24T00:00:00",
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2025-AVI-0399 du 13 mai 2025",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0399/"
    }
  ],
  "reference": "CERTFR-2025-ALE-006",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-13T00:00:00.000000"
    },
    {
      "description": " Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2025-06-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le 13 mai 2025, Fortinet a publi\u00e9 un avis de s\u00e9curit\u00e9 concernant la vuln\u00e9rabilit\u00e9 CVE-2025-32756.  Celle-ci permet \u00e0 un attaquant non authentifi\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nL\u0027\u00e9diteur indique que cette vuln\u00e9rabilit\u00e9 est activement exploit\u00e9e. Les exploitations constat\u00e9es jusqu\u0027ici concernent les produits FortiVoice.\n\nFortinet fournit \u00e9galement des marqueurs de compromission \u00e0 rechercher.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-254",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-254"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-32756 (GCVE-0-2025-32756)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2025-AVI-0399

Vulnerability from certfr_avis

Solutions

CERTFR-2025-ALE-006

Vulnerability from certfr_alerte

Solutions

Tags

Sightings

Nomenclature