- Description
- An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.
- Source
- psirt@fortinet.com
- NVD status
- Modified
- Products
- fortisiem
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@fortinet.com
- CWE-78
- Hype score
- Not currently trending
#VulnerabilityReport Fortinet Critical Alert: CVE-2025-64155 RCE & Config Leaks Exposed https://t.co/tV0OU5VJZK
@Komodosec
20 Feb 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
GMOサイバー攻撃 ネットde診断 ASM が「FortiSIEM」に存在する深刻な脆弱性「CVE-2025-64155」の検知に対応(ScanNetSecurity) https://t.co/8kYBia7H0q
@note_tenmen
4 Feb 2026
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GMOサイバー攻撃 ネットde診断 ASM が「FortiSIEM」に存在する深刻な脆弱性「CVE-2025-64155」の検知に対応 https://t.co/ZKIKDghl6O
@ScanNetSecurity
4 Feb 2026
714 Impressions
0 Retweets
4 Likes
2 Bookmarks
0 Replies
0 Quotes
”セキュリティ情報管理・イベント管理(SIEM)製品「FortiSIEM」に存在する深刻な脆弱性「CVE-2025-64155」に関する診断項目を追加” GMOサイバーセキュリティ byイエラエ、「GMOサイバー攻撃 ネットde診断 ASM」でF
@zubora_engineer
3 Feb 2026
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة FortiSIEM خطيرة! #Fortinet تُطلق تحديثاً أمنياً عاجلاً يسد باباً خلفياً لتنفيذ تعليمات برمجية عن بعد دون مصادقة (CVE-2025-64155). #Fortinet أطلقت تحديثاً حاسماً لمعال
@glitch4techs
26 Jan 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/HrabWFlDQE https://t.co/UzunuxNP4I
@Trej0Jass
26 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet released fixes for a critical severity ortiSIEM vulnerability (CVE-2025-64155) that stems from improper neutralization of special elements used in OS commands within the phMonitor service (TCP/7900). Learn more in our latest security bulletin. https://t.co/5PRQEtDiP9
@de_do20
26 Jan 2026
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚩 Critical Fortinet FortiSIEM Vulnerability Now Exploited in the Wild https://t.co/BeRrN0snOx A critical command-injection vulnerability in Fortinet FortiSIEM (CVE-2025-64155) is being actively targeted by threat actors shortly after proof-of-concept exploit code was
@Huntio
23 Jan 2026
561 Impressions
2 Retweets
8 Likes
4 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/o7udoukPsU https://t.co/k7moRisaBl
@Trej0Jass
23 Jan 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiSIEM [—] Jan 23, 2026 Critical Product Security Advisory for Fortinet FortiSIEM — Unauthenticated Remote Code Execution and Command Injection Vulnerabilities (CVE-2025-64155, CVE-2025-25249) and Associated Threats Checkout our Threat Intelligence Platform:.
@transilienceai
23 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 FortiSIEM bajo ATAQUE ACTIVO CVE-2025-64155 | CVSS 9.4 ⚠️ RCE sin autenticacion via puerto 7900 ⚠️ PoC publico - 15+ grupos explotandolo ⚠️ Escalacion a ROOT en minutos Hackear el SIEM = hackear toda tu seguridad Actualiza YA: 7.1.9, 7.2.7, 7.3.5, 7.4.1 #Fort
@secnetnew
22 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiSIEM vulnerability (CVE-2025-64155) under active attack! Unauthenticated RCE via OS command injection on port 7900. Patch now to 7.4.1+ or restrict access. Stay secure with Black Belt Secure's expert services. https://t.co/bXT9vTiz7I https://t.co/6sIbbp63oK
@blackbeltsecure
22 Jan 2026
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/WRI7RpdW15 https://t.co/WMSYp7v1Ve
@secured_cyber
22 Jan 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/1fnAzFaz5Q https://t.co/VWXl2IwF9U
@Trej0Jass
22 Jan 2026
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/cwLi60uNPI https://t.co/8FRk7DnsXF
@IT_Peurico
22 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet FortiSIEM의 CVE-2025-64155 취약점이 실제 공격에 악용되고 있습니다. CVSS 9.4점의 치명적 결함으로 인증 없이 원격 코드 실행이 가능하며, 주요 보안 위협들과 함께 이번 주 사이버보안 동향을 상세히 분석합니다
@webi_kr
21 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/CDsCwGKRjI CVE-2025-64155: In the Wild Exploitation of FortiSIEM for Unauthenticated Root-Level RCE
@samilaiho
21 Jan 2026
303 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The year has barely begun, but 2026 is already in familiar territory for Fortinet customers, as a new vulnerability has come under attack. On Jan. 13, Fortinet disclosed a critical flaw in its FortiSIEM platform, tracked as CVE-2025-64155 and assigned a 9.4 CVSS score. https://t
@Guardian360nl
21 Jan 2026
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨【緊急】FortiSIEM管理者、今すぐログを確認してください。 1月に入り、FortiSIEMの重大脆弱性 (CVE-2025-64155) を狙った組織的な攻撃キャンペーンが観測されています。 ⚠️ 攻撃のフェーズが変化しました ・
@cybertantei
21 Jan 2026
130 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet FortiSIEM の脆弱性 CVE-2025-64155 が FIX:TCP パケット経由での任意のコマンド実行 https://t.co/ysoFOt16fx セキュリティログを集約/分析する FortiSIEM において、外部からシステムを操作される恐れのある、きわめ
@iototsecnews
21 Jan 2026
178 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploit code public for critical FortiSIEM command injection flaw FortinetのSIEMソリューションに影響を与える重大な脆弱性(CVE-2025-64155)が公開され、リモートの未認証攻撃者がコマンドやコードを実行できる可能性。修正は20
@johntheMAT
20 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet FortiSIEM is affected by a critical auth bypass and command injection flaw CVE-2025-64155. All on-prem versions from 6.7 to 7.4 are vulnerable. Patch to FortiSIEM 7.4.1+, 7.3.5+, 7.2.7+, or 7.1.9+ now. Read more: https://t.co/2kdMkFcZGG https://t.co/GafdFxOEsb
@wazuh
20 Jan 2026
281 Impressions
5 Retweets
10 Likes
0 Bookmarks
0 Replies
0 Quotes
لا تتجاهلوا هذا! ثغرة FortiSIEM تهدد أنظمتكم! Fortinet يسد ثغرة RCE حرجة (CVE-2025-64155) في FortiSIEM. مهاجمون غير مصادقين يمكنهم تنفيذ كود عن بعد. حدثوا فوراً! حماية بياناتكم ت
@glitch4techs
20 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 𝐍𝐞𝐰 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐩𝐮𝐛𝐥𝐢𝐬𝐡𝐞𝐝! FortiSIEM flaw CVE-2025-64155 enables unauthenticated RCE via TCP 7900-see how attackers can hijack your SIEM and evade detection. 📖 C
@PurpleOps_io
20 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Weekly Recap: Fortinet FortiSIEM Exploits, Copilot “Reprompt” Leak, AWS CodeBuild Risk & More The Hacker News weekly recap highlights active exploitation of a critical Fortinet FortiSIEM RCE (CVE-2025-64155) plus major threats including the “Reprompt” data-exfil
@ThreatSynop
19 Jan 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Weekly Recap: Fortinet FortiSIEM Exploits, Copilot “Reprompt” Leak, AWS CodeBuild Risk & More The Hacker News weekly recap highlights active exploitation of a critical Fortinet FortiSIEM RCE (CVE-2025-64155) plus major threats including the “Reprompt” data-exfilt
@ThreatSynop
19 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiSIEM just got hit with a critical 9.4 RCE (CVE-2025-64155). When the tool meant to protect you can be exploited, you need a backup plan. That’s why we run 3rd party monitoring + 365-day forensic logs. Not a nice-to-have. Last line of defense. https://t.co/rashXXyDk6
@BlackCloverCybr
19 Jan 2026
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-64155 : CRITICAL VULNERABILITY ALERT 🚨 @Fortinet An unauthenticated Remote Command Injection vulnerability has been disclosed in FortiSIEM, allowing attackers to compromise the heart of enterprise security operations. The Risk Severity: 9.8/10 (Critical) Impa
@OstorlabSec
19 Jan 2026
52 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2004-1056 2 - CVE-2026-22812 3 - CVE-2026-20824 4 - CVE-2025-58726 5 - CVE-2025-64155 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
19 Jan 2026
122 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-64155: Fortinet FortiSIEM Critical RCE Vulnerability—Comprehensive Advisory [Critical] Jan 19, 2026 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #LLM https://t.co/u6XI6T2fTU
@transilienceai
19 Jan 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Three Years of Remotely Rooting the Fortinet FortiSIEM https://t.co/cBV2poFgGF
@marktsec46065
18 Jan 2026
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155 is being actively exploited. Fortinet FortiSIEM versions 6.7-7.5 are vulnerable to unauthenticated remote command injection via the phMonitor service on port 7900. What you need to know:
@gothburz
18 Jan 2026
5128 Impressions
4 Retweets
21 Likes
4 Bookmarks
4 Replies
3 Quotes
PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) - Help Net Security https://t.co/sjvFua0SFY
@PVynckier
18 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 𝐅𝐫𝐞𝐬𝐡 𝐟𝐫𝐨𝐦 𝐭𝐡𝐞 𝐭𝐞𝐚𝐦: New FortiSIEM flaw CVE-2025-64155 allows full SIEM takeover-get key remediation steps and threat intel to protect your infrastructure. Read it here → https://t.co/lKRVtUKGEo Tell us how you see it!
@PurpleOps_io
18 Jan 2026
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiSIEM [—] Jan 18, 2026 Comprehensive Security Advisory: Critical Command Injection and Exploitation Risks in Fortinet FortiSIEM (CVE-2025-64155, CVE-2025-25249) Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/MbmHh7IIKR
@transilienceai
18 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Three Years of Remotely Rooting the Fortinet FortiSIEM Credit: https://t.co/Ahb8vlW9Zg (@Horizon3ai) https://t.co/dHtPOrR1bN
@7h3h4ckv157
18 Jan 2026
2227 Impressions
7 Retweets
50 Likes
13 Bookmarks
0 Replies
0 Quotes
Attackers are exploiting a critical Fortinet FortiSIEM flaw (CVE-2025-64155) enabling unauthenticated remote code execution via OS command injection in phMonitor service. Updates available. #FortinetPatch #RemoteCodeExec #USA https://t.co/GEOfSrMxXk
@TweetThreatNews
18 Jan 2026
123 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet FortiSIEM flaw (CVE-2025-64155) is being exploited while the BodySnatcher AI hijacking bug in ServiceNow is patched. Poland's power grid repels a suspected Russian cyberattack. #FortiSIEM #BodySnatcher #Poland https://t.co/U1NoLkinK1
@TweetThreatNews
17 Jan 2026
120 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Fortinet dropped the ball on FortiSIEM. CVE-2025-64155 leaves it wide open to command injection, and hackers are already in. They skipped input sanitization on API calls. Attackers run arbitrary OS commands, owning the box. Patch now or segment it off, don't wait for the https:
@KirillGavr75994
17 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐅𝐨𝐫𝐭𝐢𝐧𝐞𝐭 𝐅𝐨𝐫𝐭𝐢𝐒𝐈𝐄𝐌 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐀𝐥𝐥𝐨𝐰𝐬 𝐔𝐧𝐚𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐞𝐝 𝐂𝐨𝐦𝐦𝐚𝐧𝐝 𝐈
@PurpleOps_io
17 Jan 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat actors are actively exploiting a critical OS command injection vulnerability (CVE-2025-64155) in Fortinet FortiSIEM, enabling remote code execution and potentially compromising sensitive data. This puts organizations using vulnerable versions at immediate risk of
@cybernewslive
17 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 NoName057 [Critical] Jan 17, 2026 This report analyzes the threat posed by CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices. Public exploit code is available, increasing the likelihood of exploitation. Fortinet vulnerabilities..
@transilienceai
17 Jan 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiSIEM Critical RCE (CVE-2025-64155) Actively Exploited After PoC Release Threat actors are exploiting CVE-2025-64155, a critical unauthenticated OS command injection flaw in Fortinet FortiSIEM, enabling remote command execution and rapid takeover of SIEM
@ThreatSynop
16 Jan 2026
52 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[Dark Reading] More Problems for Fortinet: Critical FortiSIEM Flaw Exploited. CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses. https://t.co/XgX8m0Y5QZ
@shah_sheikh
16 Jan 2026
42 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Descubre cómo se ha explotado CVE-2025-64155 en Fortinet FortiSIEM durante 3 años. Más info: https://t.co/0UjqZ5anU6 #Ciberseguridad #Fortinet
@AlejosAngel
16 Jan 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability https://t.co/wZjHW0hYdY https://t.co/wASch7xOPC
@TechMash365
16 Jan 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiSIEM CVE-2025-64155 Exploitation Analysis https://t.co/kvh4jcSs3C
@UK_Daniel_Card
16 Jan 2026
561 Impressions
2 Retweets
4 Likes
0 Bookmarks
2 Replies
0 Quotes
🚨 Fortinet FortiSIEM Critical RCE (CVE-2025-64155) Now Seeing Exploitation Attempts After PoC Drop A critical FortiSIEM flaw (CVE-2025-64155) enables attackers to execute unauthorized OS commands and is already being probed in the wild shortly after Fortinet’s advisory and
@ThreatSynop
16 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet 修复了允许未经身份验证的远程代码执行的关键 FortiSIEM 缺陷 - 黑客新闻 Fortinet 修补了一个关键的 FortiSIEM 漏洞 (CVE-2025-64155),该漏洞允许通过暴露的 phMonitor 服务执行未经身份验证的远程代码。 https://t.co/o
@BorjaGo24446305
16 Jan 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧑 💻 Hackers began to actively exploit a critical vulnerability in Fortinet FortiSIEM, which allows remote execution of arbitrary code with root rights without authentication. It is about CVE-2025-64155 — a combination OS command injection and escalation privileges, for wh
@Hack_Your_Mom
16 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "409EC360-68C2-4098-AC99-8310913D8EC0",
"versionEndExcluding": "7.1.9",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8C7360-73D5-4629-B1C3-47B6C7AD9678",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C41BBF42-F97A-4358-ADB6-9762BD8F3CAE",
"versionEndExcluding": "7.3.5",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisiem:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "500DAB25-48C9-48C7-B7CD-92C06989F039",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]