- Description: A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, and FortiSwitchManager 7.0.0 through 7.0.5 allows an attacker to execute unauthorized code or commands via specially crafted packets.
- Source: psirt@fortinet.com
- NVD status: Modified
- Products: fortios, fortiswitchmanager, fortisase
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- Hype score: Not currently trending
🚨 Fortinet FortiSIEM [—] Jan 23, 2026 Critical Product Security Advisory for Fortinet FortiSIEM — Unauthenticated Remote Code Execution and Command Injection Vulnerabilities (CVE-2025-64155, CVE-2025-25249) and Associated Threats Check out our Threat Intelligence Platform:
@transilienceai
23 Jan 2026
🚨 CVE-2025-25249: FortiOS, FortiSASE, and FortiSwitchManager Heap-Based Buffer Overflow Vulnerability [High] Jan 19, 2026 Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity https://t.co/C7htLr22xu
@transilienceai
19 Jan 2026
🚨 Fortinet FortiSIEM [—] Jan 18, 2026 Comprehensive Security Advisory: Critical Command Injection and Exploitation Risks in Fortinet FortiSIEM (CVE-2025-64155, CVE-2025-25249) Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/MbmHh7IIKR
@transilienceai
18 Jan 2026
⚠️ Vulnerabilities in Fortinet products ❗ CVE-2025-64155 ❗ CVE-2025-47855 ❗ CVE-2025-25249 ➡️ More info: https://t.co/VJwLKjD4Mu https://t.co/AcFaJqp2HO
@CERTpy
16 Jan 2026
Cyber warning about more than one vulnerability of varying severity levels being exploited, including a high-severity vulnerability (CVE-2025-25249) present in several products from Fortinet, detai
@IPMasters1
14 Jan 2026
🚨 We are warning of critical and high-severity vulnerabilities in the Fortinet products FortiSIEM, FortiFone Web Portal, FortiOS, FortiSwitchManager, FortiSASE, CVE-2025-64155, CVE-2025-47855 and CVE-2025-25249. These vulnerabilities include unauthenticated remote execution
@GOVCERT_CZ
14 Jan 2026
🚨 Fortinet Fixes FortiOS/FortiSwitchManager RCE Bug (CVE-2025-25249) — Patch Urgently A heap-based buffer overflow in FortiOS/FortiSwitchManager’s cw_acd daemon (CVE-2025-25249, CVSS 7.4) can let unauthenticated attackers send crafted requests to execute arbitrary code/com
@ThreatSynop
14 Jan 2026
CVE-2025-25249 Heap-Based Buffer Overflow in Fortinet FortiOS and Related Products Enables Remote Code Execution https://t.co/GFDmqgvwmY
@VulmonFeeds
13 Jan 2026
https://t.co/451X395tr5 CVE-2025-25249 A heap-based buffer overflow vuln in FortiOS cw_acd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands Always use FortiGate local-in-policies on all interfaces for hardening. #infosec #fortinet
@collysucker
13 Jan 2026
🟠 CVE-2025-25249 - High A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 thro... https://t.co/AVy6qL9mgl https://t.co/vC1gALQKDL
@TheHackerWire
13 Jan 2026
CVE-2025-25249 A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7… https://t.co/SekQsgXEcD
@CVEnew
13 Jan 2026
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "129406C1-A2FA-4289-8009-8AEEFEF14AAC",
"versionEndExcluding": "6.4.17",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEB8B8A-797C-4E5E-BCDB-A54EB83AD8A2",
"versionEndExcluding": "7.0.18",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FAAA2E-7A53-4F6B-A9C7-1E2B4CB5F7EB",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2093EFE3-4B7F-4806-9850-C42B26BC64AC",
"versionEndExcluding": "7.4.9",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C30E0D-7F09-42D2-9EB1-E2196BD50D75",
"versionEndExcluding": "7.6.4",
"versionStartIncluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B9AA70-BB46-403B-94C1-D94C64E22334",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE22A407-02CB-4979-A38D-9EBAFEB350F6",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortisase:25.1.39:*:*:*:-:*:*:*",
"matchCriteriaId": "77B84900-E96D-4E2C-8797-B1460E71874E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisase:25.1.51:*:*:*:-:*:*:*",
"matchCriteriaId": "12A8EE3F-EEAF-460D-B2DB-551509DF0814",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]