Fortinet has issued a warning about a critical vulnerability CVE-2025-25256 in FortiSIEM, with an active exploit in the wild. Organizations using affected versions are urged to upgrade immediately. #FortiSIEM #CVE-2025-25256
Keypoints
- The vulnerability allows unauthenticated attackers to execute arbitrary commands via CLI requests.
- Several FortiSIEM versions, including 6.1 to 7.3.1, are impacted and require updating.
- Fortinet has not disclosed detailed information about the exploit, but a proof of concept exists.
- Workaround suggestions include limiting access to the affected port 7900.
- There has been a surge in brute-force attacks targeting Fortinet SSL VPNs worldwide.
Read More: https://thehackernews.com/2025/08/fortinet-warns-about-fortisiem.html