CVE-2025-32756

Published May 13, 2025

Last updated a month ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-32756 is a stack-based buffer overflow vulnerability that affects multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted HTTP requests. Fortinet has observed active exploitation of this vulnerability in the wild, specifically targeting FortiVoice systems. During the exploitation of CVE-2025-32756, threat actors have been observed performing network scans, deleting system crash logs to conceal their activity, and enabling 'fcgi debugging' to log credentials. Additionally, they have been seen deploying malware, establishing cron jobs to harvest credentials, and using scripts to conduct network reconnaissance on compromised devices.

Description
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Source
psirt@fortinet.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Exploit added on
May 14, 2025
Exploit action due
Jun 4, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

psirt@fortinet.com
CWE-121
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending
  1. 🚨 Exploiting #CVE-2025-32756: Fortinet Stack-Based Buffer Overflow Vulnerability https://t.co/3NDdegqCQK Educational Purposes!

    @UndercodeUpdate

    10 Jun 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products. #bugbounty #bugbountytips #CVE-2025-32756 https://t.co/KeKRkhLH5l

    @zapstiko

    9 Jun 2025

    331 Impressions

    1 Retweet

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  3. 【アーカイブ】 Fortinet製品の脆弱性詳細と対策を解説! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbCaI7 #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    9 Jun 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 【アーカイブ】 重要!Fortinetの脆弱性情報とその対策を確認しよう。 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライタ

    @CyberNote_media

    9 Jun 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 Critical Fortinet Vulnerability Exploited in the Wild: Remote Code Execution via Crafted HTTP Requests 🛠️ Multiple Fortinet products impacted including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera ⚠️ Threat actors are actively exploiting CVE-2025-

    @threatsbank

    9 Jun 2025

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-32756: Buffer Overflow in Fortinet products, 9.8 rating 🔥 Some Fortinet products are vulnerable to a buffer overflow. Vuln is old, but a PoC was recently released! Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/p1J9Cnc56X #cybersecurity #vulnerability_m

    @Netlas_io

    9 Jun 2025

    775 Impressions

    3 Retweets

    13 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. 🚨 Fortinet 0-Day Alert: CVE-2025-32756 - PoC Exploit Released A critical zero-day vulnerability (CVE-2025-32756) in multiple Fortinet products, rated 9.8 CVSS, allows unauthenticated remote code execution via a stack-based buffer overflow in the /remote/hostcheck_validate ht

    @Ransom_DB

    9 Jun 2025

    255 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Fortinet製品に影響するゼロデイ脆弱性CVE-2025-32756のPoCコードが公開された。 この脆弱性は、認証不要でリモートコード実行が可能なスタックベースのバッファオーバーフローに起因し、FortiVoiceやFortiMailなど複

    @yousukezan

    9 Jun 2025

    1255 Impressions

    0 Retweets

    6 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  9. 【アーカイブ】 重要なFortinet脆弱性の詳細と対策情報を確認しよう! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライタ

    @CyberNote_media

    9 Jun 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-32756: Fortinet RCE PoC https://t.co/e4RZ0Z0JdI

    @hack_sparo

    8 Jun 2025

    1090 Impressions

    0 Retweets

    23 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  11. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwcPN cybernote

    @BADBEAR112919

    8 Jun 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 【アーカイブ】 Fortinet脆弱性の詳細と対策を確認し、安全を確保しよう! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webラ

    @CyberNote_media

    8 Jun 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Top 5 Trending CVEs: 1 - CVE-2024-24919 2 - CVE-2025-32756 3 - CVE-2024-6387 4 - CVE-2025-30397 5 - CVE-2025-49113 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    8 Jun 2025

    110 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwcPN cybernote

    @BADBEAR112919

    8 Jun 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. #exploit 1. CVE-2025-32756: https://t.co/1w8oAjYxV0 Fortinet (FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera) Stack-based BoF 2. CVE-2025-49223: https://t.co/0HK0aFCF70 Prototype Pollution in Billboard.js 3. CVE-2025-37899: https://t.co/RnMzAPQJjW Linux kernel SMB

    @ksg93rd

    8 Jun 2025

    1165 Impressions

    4 Retweets

    14 Likes

    9 Bookmarks

    1 Reply

    0 Quotes

  16. 【アーカイブ】 最新の脆弱性情報とその対策を確認しよう! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    7 Jun 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwcPN cybernote

    @BADBEAR112919

    7 Jun 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Fortinet vulnerabilities discovered CVE-2025-32756 stack-based buffer ver in AuthHash cookie . An unauthenticated remote code execution Products impacted: FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera. Recommendations: Patch is required.

    @OSINTAFRICA89

    7 Jun 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. 【アーカイブ】 Fortinetの脆弱性詳細と対策を解説。早期対応を! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    7 Jun 2025

    34 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  20. CVE-2025-32756: Fortinet RCE PoC stack-based buffer overflow vulnerability. Type: Stack-based buffer overflow in AuthHash cookie Impact: Unauthenticated remote code execution Affected Products: FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera. https://t.co/kvuvvYC3IB

    @cyber_advising

    6 Jun 2025

    14119 Impressions

    48 Retweets

    154 Likes

    76 Bookmarks

    2 Replies

    2 Quotes

  21. 【アーカイブ】 Fortinet製品の脆弱性情報と対策を解説!今すぐ確認を。 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbCaI7 #cybernote #ブログ仲間と繋がりたい #Webライ

    @CyberNote_media

    6 Jun 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 【アーカイブ】 Fortinetの新たな脆弱性対策!PoC公開中! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    6 Jun 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. 【アーカイブ】 Fortinetの脆弱性詳細と対策を徹底解説! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    5 Jun 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. CVE-2025-32756: Fortinet RCE Exploited in the Wild https://t.co/XebHREhI9h #bugbountytips #EthicalHacking #Hacks

    @NitinGavhane_

    5 Jun 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 【アーカイブ】 Fortinet製品の脆弱性情報と対策、早めの確認を! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbCaI7 #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    5 Jun 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Actively exploited CVE : CVE-2025-32756

    @transilienceai

    5 Jun 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  27. 🚨CVE-2025-32756: Critical Stack-Based Buffer Overflow in Fortinet Products FOFA Link: https://t.co/o2hEi3B0Xq FOFA Query: app="FORTINET-FortiVoice" || app="Fortinet-FortiNDR" || app="FORTINET-FortiCamera" || app="FORTINET-FortiMail" || app="FORTINET-FortiRecorder" Results:

    @DarkWebInformer

    4 Jun 2025

    8096 Impressions

    22 Retweets

    106 Likes

    45 Bookmarks

    1 Reply

    0 Quotes

  28. 【アーカイブ】 Fortinetの脆弱性発覚!早急な対策が必要です。 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    4 Jun 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 【アーカイブ】 Fortinet脆弱性の詳細と対策情報。早期対応必須です! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライタ

    @CyberNote_media

    4 Jun 2025

    63 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. CVE-2025-32756: Write-Up of a Buffer Overflow in Various Fortinet Products https://t.co/UlIAPP87tV

    @_r_netsec

    2 Jun 2025

    943 Impressions

    2 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  31. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwcPN cybernote

    @BADBEAR112919

    1 Jun 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwcPN cybernote

    @BADBEAR112919

    31 May 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 【セキュリティニュース】 Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/OS1a4RwKFl cybernote

    @BADBEAR112919

    31 May 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. 【アーカイブ】 新たな脆弱性情報と対策を今すぐ確認! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい #Webライター

    @CyberNote_media

    31 May 2025

    60 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 【アーカイブ】 脆弱性の影響と対策を確認しましょう。迅速な対応が重要です! Fortinet製品で確認された脆弱性(CVE-2025-32756)の詳細と対策|PoCも公開済み https://t.co/M49thbBCSz #cybernote #ブログ仲間と繋がりたい

    @CyberNote_media

    30 May 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. [1day1line] CVE-2025-32756: Stack-based Buffer Overflow in Fortinet Admin API https://t.co/bocbiwKBch Today’s 1day1line post covers the RCE vulnerability (CVE-2025-32756) found in Fortinet products. This vulnerability stems from a lack of input length validation within a

    @hackyboiz

    29 May 2025

    3351 Impressions

    23 Retweets

    43 Likes

    23 Bookmarks

    0 Replies

    0 Quotes

  37. Fortinet社の人気製品に重大なゼロデイ脆弱性「CVE-2025-32756」が発覚! すでに実際の攻撃にも悪用されており、国家レベルの警戒対象にも。 なぜこれほど危険なのか?私たちが今すぐ取るべき対策は? セキュリ

    @masafyorg

    28 May 2025

    393 Impressions

    1 Retweet

    4 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  38. 🛡️ URGENTE: Falla de seguridad en productos Fortinet es usado por atacantes ¿Usas soluciones de FortiVoice, FortiMail o FortiRecorder? Hay una vulnerabilidad crítica que ya está siendo explotada en todo el mundo. Se llama CVE-2025-32756. Permite que un atacante tome c

    @CycuraMX

    28 May 2025

    330 Impressions

    3 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  39. Trending CVEs on 28/5/25: CVE-2024-13946 / ABB Cylon / Binary Planting CVE-2025-2636 / Wordpress / Local File Inclusion CVE-2025-24118 / MacOS / Race Condition CVE-2025-32756 / Fortinet / Stack Overflow Learn More: https://t.co/hFSIsw2vfh #EarlyWarning #Infosec https://t.co/lYN

    @arpsyndicate

    28 May 2025

    72 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Actively exploited CVE : CVE-2025-32756

    @transilienceai

    28 May 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  41. Researchers have released PoC for CVE-2025-32756, a severe security flaw, that is actively being exploited in Fortinet products like FortiMail and FortiCamera. https://t.co/ScsJwsyYTC

    @blackwired32799

    27 May 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. CVE-2025-32756: Low-Rise Jeans Are Back, and Buffer Overflows https://t.co/xfzeSNwE5M

    @freedomhack101

    27 May 2025

    31 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Publicada una prueba de concepto (PoC) para una vulnerabilidad crítica de día cero que afecta a varios productos de Fortinet La vulnerabilidad, identificada como CVE-2025-32756, con una puntuación de gravedad CVSS de 9,6 sobre 10 https://t.co/kNjKOrlKUu https://t.co/UGOHdtW2

    @elhackernet

    27 May 2025

    15726 Impressions

    77 Retweets

    276 Likes

    90 Bookmarks

    1 Reply

    1 Quote

  44. CVE-2025-32756 Fortinet products buffer overflows affected products:FortiCamera,FortiMail,FortiNDR,FortiRecorder,FortiVoice https://t.co/bOuAAtYYas

    @crawopeucefau

    27 May 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. 🚨Fortinetの脆弱性CVE-2025-32756、PoCコードがリリースされる 迅速なパッチ適用を呼びかけ 🔘「すべて拒否」ボタンの明示と可視化も義務 独司法が判断 〜サイバーアラート 5月27日〜 https://t.co/ClOtV4SRli #セキ

    @MachinaRecord

    27 May 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Fortinetのゼロデイ脆弱性(CVE-2025-32756)のPoCが公開-実環境でサイバー攻撃への悪用が進行中 #セキュリティ対策Lab #セキュリティ #Security https://t.co/fmWkJQphCZ

    @securityLab_jp

    27 May 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Critical 0-Day (CVSS 9.8) in Fortinet — actively exploited. CVE-2025-32756 allows unauth RCE. PoC’s out, attackers are moving fast. Patch like your firewall depends on it (because it does). Details: https://t.co/sY90K9gGmX

    @BursaMatus

    26 May 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 🔒 CVE-2025-32756 – Desbordamiento de Búfer en Productos Fortinet #ALERTA #Compunet #JuntosMasLejos https://t.co/XLZjHWgqWQ

    @CompunetChile

    26 May 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild https://t.co/4cRf4Z3T2N https://t.co/r3lSlcj6uZ

    @IT_Peurico

    26 May 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching https://t.co/TfUnTzaxSZ

    @Dinosn

    26 May 2025

    12805 Impressions

    45 Retweets

    184 Likes

    64 Bookmarks

    1 Reply

    2 Quotes

Configurations

References

Sources include official advisories and independent security research.