Two critical security vulnerabilities have been discovered in Fortinet solutions that can be exploited by exploit codes. The vulnerabilities affect FortiSIEM and FortiWeb versions.
You can protect yourself by installing updates or upgrading to newer versions. All the necessary information about these security vulnerabilities can be found in this news article, as successful attacks can have serious consequences.
The security vulnerabilities are FortiSIEM CVE-2025-25256, which is classified as ‘critical’, and FortiWeb CVE-2025-52970, which has been classified as ‘high’. They were only recently discovered, so the risk of these vulnerabilities being exploited is all the greater. You should act quickly.
On 12 August 2025, the vulnerability was discovered in Fortinet FortiSIEM. It is an unauthenticated remote command injection vulnerability where the neutralisation of special elements was performed improperly. Commands or unauthorised code enter the systems via prepared CLI requests and damage them.
This vulnerability in parameter processing is particularly critical because it allows access without login, i.e. by unauthenticated attackers. An attacker can gain administrator rights via a specially crafted request or manipulate a private key, which can lead to damage to the system.
Affected FortiSIEM versions:
FortiSIEM versions 6.7.10, 7.0.4, 7.1.8, 7.2.6 and 7.3.2 are considered secure.
Affected FortiWeb versions:
To protect yourself from an attack and thus from compromising your system, you should act immediately. Fortinet recommends updating the installed product versions to a secure version or performing an upgrade. The corresponding patches are already available for installation. Since attackers can not only compromise systems but also steal sensitive data or inject malware, a quick response is essential.
If you need assistance with updating or patch management, we are happy to help. Together with IT-Planet, you can ensure the security of your infrastructure.
