Security Alert (A25-06-10): Multiple Vulnerabilities in Fortinet Products


 

Published on: 11 June 2025

  
  

Description:

Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.

 

Affected Systems:

  • FortiOS version 6.2 (all versions), version 6.4 (all versions), version 7.0 (all versions), version 7.2 (all versions), 7.4.0 through 7.4.7, 7.6.0 through 7.6.1
  • FortiProxy version 1.1 (all versions), version 1.2 (all versions), version 2.0 (all versions), version 7.0.0 through 7.0.20, version 7.2 (all versions), 7.4.0 through 7.4.8, 7.6.0 through 7.6.2
  • FortiManager version 7.0.0 through 7.0.7, version 7.2.0 through 7.2.1
  • FortiClientEMS version 6.2 (all versions), version 6.4 (all versions), version 7.0 (all versions), version 7.2.0 through 7.2.6, version 7.4.0 through 7.4.1
  • FortiClientWindows version 7.0 (all versions), version 7.2 through 7.2.6, version 7.4.0
  • FortiSASE 24.4.b, 25.1.a.2, 25.1.c

For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege, information disclosure, spoofing or tampering of affected system.

 

Recommendation:

Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://fortiguard.fortinet.com/psirt/FG-IR-23-008
  • https://fortiguard.fortinet.com/psirt/FG-IR-23-342
  • https://fortiguard.fortinet.com/psirt/FG-IR-23-375
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-058
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-257
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-287
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-339
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-365
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-385
  • https://fortiguard.fortinet.com/psirt/FG-IR-24-544
  • https://fortiguard.fortinet.com/psirt/FG-IR-25-006
  • https://www.hkcert.org/security-bulletin/fortinet-products-multiple-vulnerabilities_20250611
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29184
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48786
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32119
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50562
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50568
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54019
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22251
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22254
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22862
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24471
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25250


Tag: Fortinet , FortiOS , FortiProxy , FortiManager , FortiClientEMS , FortiClientWindows , FortiSASE
Tags