AI description
CVE-2025-25256 is an OS command injection vulnerability affecting Fortinet FortiSIEM versions 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9. The vulnerability stems from improper neutralization of special elements within command-line interface (CLI) requests. This vulnerability allows an unauthenticated attacker to execute unauthorized code or commands on vulnerable devices by sending specially crafted CLI requests. Exploit code has been found in the wild, and successful exploitation may not produce distinctive indicators of compromise (IoCs), making it difficult to detect.
- Description
- An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.
- Source
- psirt@fortinet.com
- NVD status
- Modified
- Products
- fortisiem
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@fortinet.com
- CWE-78
- Hype score
- Not currently trending
#VulnerabilityReport #CommandInjection FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild https://t.co/cCklvXYjY7
@Komodosec
18 Sept 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code Fortinet is alerting customers 𝗦𝘁𝗮𝘆 𝗶𝗻𝗳𝗼𝗿𝗺𝗲𝗱. 𝗛𝗶𝘁 𝘁𝗵𝗲 𝗳𝗼𝗹𝗹𝗼𝘄 𝗯𝘂𝘁𝘁𝗼𝗻! @thehackersnews @edgeitech
@Edgeitech
25 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet ve Ivanti, Ağustos 2025 güncellemesiyle ilgili kritik güvenlik açıklarını açıkladı. Fortinet, CVE-2025-25256 gibi önemli bir açığı tespit etti. Uzaktan erişimle kötüye kullanılma riski var. Peki, siz güncellemeleri ne zaman uyguluyorsunuz? #güvenlik
@Siber_Kalkan_
23 Aug 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet выпустил патчи для уязвимости CVE-2025-25256 в FortiSIEM, позволяющей неавторизованным пользователям выполнять команды на уязвимых устройствах. Обновление о
@cybereye_ru
23 Aug 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-25256) in FortiSIEM has been disclosed, allowing remote, unauthenticated command injection. Arctic Wolf recommends upgrading to the latest fixed versions of FortiSIEM to mitigate this risk. https://t.co/PavbNdgxzZ
@ChannelSkell
21 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/LuY6sStliG https://t.co/nX7aiHVENT
@Trej0Jass
19 Aug 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Múltiples vulnerabilidades en productos Fortinet ❗CVE-2025-25256 ❗CVE-2024-26009 ❗CVE-2025-52970 ➡️Más info: https://t.co/jyDzg1wpbv https://t.co/bJyIADpbEE
@CERTpy
18 Aug 2025
127 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/W1y417KRlh https://t.co/MBeVSjdVPn
@pcasano
18 Aug 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/hRvhY1wU0o https://t.co/mUAPqxYR1Y
@ggrubamn
18 Aug 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-25256 - critical 🚨 Fortinet FortiSIEM - OS Command Injection > Fortinet FortiSIEM 6.7.9 < version <= 7.3.1 contains an OS command injection caused b... 👾 https://t.co/cOUrb05KRc @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
18 Aug 2025
251 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
Fortinet Patches Critical FortiSIEM Flaw CVE-2025-25256 Amid Exploits https://t.co/AqdcP8WLoH #CyberSecurity #Patches #CSCIS
@CIDC_Ops
18 Aug 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة خطيرة في نظام Fortinet FortiSIEM (CVE-2025-25256) من نوع OS Command Injection، تُستغل دون الحاجة لأي صلاحيات (Pre-Auth RCE). 🔹 مستوى الخطورة: يتيح للمهاجم إرسال أوامر مباشرة إلى
@abdul__alamri
17 Aug 2025
1231 Impressions
2 Retweets
12 Likes
7 Bookmarks
1 Reply
0 Quotes
به تازگی برای محصول امنیتی FortiSIEM ،آسیب پذیری با کد شناسایی CVE-2025-25256 از نوع RCE منتشر شده است. هکرها برای اکسپلویت کردن این آسیب پذیری نیازی به احراز هویت و authe
@AmirHossein_sec
17 Aug 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛸 CVE-2025-25256 : Fortinet FortiSIEM - unauthenticated OS Command Injection (RCE) 🪮PoC : https://t.co/eb0141lYmK #Cybersecurity #bugbounty #CVE https://t.co/rjRWxaZ6oA
@TodayCyberNews
17 Aug 2025
756 Impressions
4 Retweets
11 Likes
6 Bookmarks
0 Replies
0 Quotes
Fortinet のセキュリティ監視基盤 FortiSIEM に深刻な認証前コマンドインジェクション脆弱性(CVE-2025-25256)が発見され、すでに実際の攻撃で悪用されていることが判明した。 問題はポート7900上で動作する phMonitor
@yousukezan
16 Aug 2025
4296 Impressions
7 Retweets
38 Likes
6 Bookmarks
0 Replies
1 Quote
FortinetのFortiSIEMプラットフォームに深刻な認証前コマンドインジェクション脆弱性(CVE-2025-25256)が発見され、攻撃者が認証なしで企業のセキュリティ監視システムを完全に侵害できる。脆弱性は実際に悪用さ
@cyber_edu_jp
16 Aug 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code #CISO https://t.co/iBsYCOqNtC https://t.co/OfZOcC2B5k
@compuchris
16 Aug 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨💥 CVE ALERT – FortiSIEM under active attack CVE-2025-25256 → Pre-auth RCE (CVSS 9.8) in FortiSIEM 5.4–7.3.1. ⚠️ Exploit code already in the wild. Targets: gov, enterprises, MSSPs. 🛡 Fix: Upgrade to 7.3.2 / 7.2.6 / 7.1.8 / 7.0.4 / 6.7.10 🚫 Or block phMon
@Newtalics
16 Aug 2025
37 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Rising Exploitation of #CVE-2025-25256: FortiSIEM phMonitor Under Attack https://t.co/9CmMITWF4v Educational Purposes!
@UndercodeUpdate
16 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet製のセキュリティ監視製品「FortiSIEM」に深刻な事前認証コマンドインジェクション脆弱性(CVE-2025-25256)が報告された。 本脆弱性はCWE-78(OSコマンドインジェクション)に分類され、TCP 7900番ポートで動
@yousukezan
16 Aug 2025
1831 Impressions
0 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) - Technical Details Revealed Read more: https://t.co/9Jwhc81kTz A comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, ht
@The_Cyber_News
16 Aug 2025
844 Impressions
0 Retweets
4 Likes
0 Bookmarks
1 Reply
0 Quotes
GitHub - watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256 - https://t.co/ToahHIalkJ
@piedpiper1616
16 Aug 2025
1054 Impressions
4 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
Should Security Solutions Be Secure? Maybe We're All Wrong - Fortinet FortiSIEM Pre-Auth Command Injection (CVE-2025-25256) - watchTowr Labs https://t.co/pVRox4ai4p https://t.co/R6tRnN4MfA
@secharvesterx
15 Aug 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Should Security Solutions Be Secure? Maybe We're All Wrong - Fortinet FortiSIEM Pre-Auth Command Injection (CVE-2025-25256) - watchTowr Labs https://t.co/qWyXLnN4DE
@_r_netsec
15 Aug 2025
701 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Should security solutions be secure? We're beginning to feel wrong. Enjoy some unscheduled programming - our analysis of CVE-2025-25256, a pre-auth Command Injection in Fortinet's FortiSIEM https://t.co/xr9m8lkgzH
@watchtowrcyber
15 Aug 2025
11916 Impressions
31 Retweets
89 Likes
33 Bookmarks
3 Replies
2 Quotes
🚨 Urgent Fortinet alert: Critical FortiSIEM vulnerability (CVE-2025-25256) is being actively exploited in the wild! Patch now to protect your systems from this severe threat. #Fortinet #CyberSecurity https://t.co/bU3GoIFHm8
@xcybersecnews
15 Aug 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Urgent : La vulnérabilité critique CVE-2025-25256 dans FortiSIEM expose les systèmes à une injection de commandes OS ! Fortinet recommande une mise à jour immédiate. Avez-vous des mesures en place pour protéger vos infrastructures ? #CyberSécurité #Fortinet #CyberSécuri
@CyberSentinelle
15 Aug 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code #CISO https://t.co/b0pWRgsU5K https://t.co/oWmHhelgCk
@compuchris
15 Aug 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256 FortiSIEM Vulnerability with in-the-wild exploit code https://t.co/fuWcIog9fb https://t.co/bdehMg6pXr
@ChaosMonkie
14 Aug 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 ALERTA | Vulnerabilidad crítica en #FortiSIEM (CVE-2025-25256, CVSS 9.8) explotada activamente. 💡 Fortinet recomienda: ✅ Actualizar ✅ Restringir acceso al puerto 7900 En Compunet te ayudamos a mitigar riesgos. #Ciberseguridad #Fortinet https://t.co/7Olp3cSrQG
@CompunetChile
14 Aug 2025
37 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/UiYCrHfayu https://t.co/dTlJk754OG
@EAlexStark
14 Aug 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ignoring critical vulnerabilities could lead to disaster. CVE-2025-25256, a pre-authentication RCE flaw in Fortinet FortiSIEM, is exploited with a staggering CVSS score of 9.6. https://t.co/jVpSasfOl7
@The4n6Analyst
14 Aug 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/AAg23iBDwW https://t.co/MRrw70Sz1D
@secured_cyber
14 Aug 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"Fortinet is aware that CVE-2025-25256 has been exploited in the wild." https://t.co/ZWZBSVUXbc
@CheddarB0b42
14 Aug 2025
289 Impressions
0 Retweets
9 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/nLszSwZ6Ne https://t.co/gzZypriTF8
@Trej0Jass
14 Aug 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
$FTNT: Added to the list Recently, the FortiSIEM platform discovered a critical vulnerability (CVSS score 9.8) named CVE-2025-25256 and has been exploited in real-world code. Get entry and stop-loss levels 👇👇👇 🔗 https://t.co/kXiQS48jRf🚀🚀🚀 https://t.co/bDXyso
@Cathy4801896821
14 Aug 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Breaking: Fortinet has released patches for a critical OS command injection flaw in FortiSIEM (CVE-2025-25256, CVSS 9.8) after exploit code surfaced in the wild. Affected versions: 5.4–7.3.1. Patch now or restrict port 7900 access. #infosec #cybersecurity https://t.co/mplnc5ddi
@BreachNet
14 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
تحذير أمني: استغلال مُحتمل وثغرة حرجة في FortiSIEM (CVE-2025-25256) التاريخ: 13 أغسطس 2025 • ثغرة حرجة (CVE‑2025‑25256) في منصة FortiSIEM تتيح تنفيذ أوامر نظام التشغيل عن بُعد بو
@cyber_shockry
14 Aug 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
FortiSIEMに深刻な脆弱性、実際の悪用も確認(CVE-2025-25256) #セキュリティ対策Lab #セキュリティ #Security https://t.co/EHRgh6H7zC
@securityLab_jp
14 Aug 2025
94 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet warns of a critical command injection vulnerability, CVE-2025-25256, affecting versions 5.4 to 7.3. Exploits exist in the wild. Upgrade to versions 7.3.2 or newer; a partial workaround is available. #Security https://t.co/yVKp9O60dD
@Strivehawk
13 Aug 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiSIEMの重大(Critical)な脆弱性CVE-2025-25256が実際に悪用されていると、CERT-EUのアドバイザリ。 https://t.co/CP2V5KU62w
@__kokumoto
13 Aug 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
Fortinet patches critical OS command injection flaw (CVE-2025-25256) in FortiSIEM versions 6.1 to 7.3.1 amid active exploitation and brute-force attacks targeting SSL VPNs and FortiManager devices. #FortiSIEM #FortinetPatch #InfoSec https://t.co/RthLVCJxNd
@TweetThreatNews
13 Aug 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-25256: Fortinet FortiSIEM OS Command Injection Vulnerability, Exploit in the Wild https://t.co/I0uiSNEFZZ https://t.co/N0nk32SrnO
@DarkWebInformer
13 Aug 2025
6407 Impressions
14 Retweets
54 Likes
10 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-25256) in Fortinet's FortiSIEM allows unauthenticated attackers to execute arbitrary commands remotely via the phMonitor port 7900. Active exploitation has been confirmed, with no distinctive IoCs. https://t.co/Th7OBDqJzv
@securityRSS
13 Aug 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet está alertando a sus clientes sobre una falla de seguridad crítica en FortiSIEM para la cual, según dice, existe un exploit disponible. CVE-2025-25256 #2025 #Infosec #BT https://t.co/jYRwq4dpnr https://t.co/Szbd9IulTW
@BrierandThornMX
13 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet, FortiSIEM'deki kritik bir güvenlik açığı (CVE-2025-25256) konusunda müşterilerini uyarıyor. Sahada aktif olarak kullanılan bir sömürü kodunun bulunduğu bu zafiyet, 10 üzerinden 9.8 gibi yüksek bir CVSS puanına sahip. https://t.co/uDo6rsyKC6
@et2mas
13 Aug 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
On 8/12/2025, Fortinet released patches for a critical vulnerability impacting FortiSIEM appliances. CVE-2025-25256 (CVSS 9.8) is a remote unauthenticated command injection vulnerability that could allow unauthenticated attackers to perform OS code injection. https://t.co/Mi5
@BlackpointUS
13 Aug 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ FortiSIEM tiene una nueva vulnerabilidad crítica Fortinet alertó sobre CVE-2025-25256. Es un fallo de inyección de comandos en FortiSIEM que permite a atacantes no autenticados ejecutar código o comandos con solicitudes CLI manipuladas. El exploit ya circula en la
@CycuraMX
13 Aug 2025
2520 Impressions
15 Retweets
47 Likes
11 Bookmarks
0 Replies
0 Quotes
CVE-2025-25256はFortiSIEMに存在する認証不要のOSコマンドインジェクション脆弱性で、細工されたCLIリクエストにより任意コードやコマンドを実行される危険がある。 Fortinetは実際に悪用コードが出回っていること
@yousukezan
13 Aug 2025
1712 Impressions
2 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code https://t.co/9sDq6ZF7qK
@Dinosn
13 Aug 2025
2402 Impressions
5 Retweets
22 Likes
8 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE219A7C-15F6-42F1-8A2E-2D9C2D182F47",
"versionEndExcluding": "6.7.10",
"versionStartIncluding": "5.4.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C19909A4-227B-460D-B1EF-5115B8DB0CF9",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "119827CE-B8BF-4418-830F-B87CA0305265",
"versionEndExcluding": "7.1.8",
"versionStartIncluding": "7.1.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DBF861B-B200-40BA-86A3-51E90F3DCF04",
"versionEndExcluding": "7.2.6",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A631305-1FA5-4CE8-B180-DC4BD6467A2F",
"versionEndExcluding": "7.3.2",
"versionStartIncluding": "7.3.0"
}
],
"operator": "OR"
}
]
}
]