Published on: 14 August 2025
Fortinet released security advisories to address a vulnerability in FortiSIEM. An attacker could exploit the vulnerability by sending crafted CLI requests to execute unauthorised code or commands on the affected system.
Fortinet indicated that practical exploit code for the elevation of privilege vulnerability (CVE-2025-25256) in FortiSIEM is available in the wild. System administrators are advised to take immediate action to upgrade their affected systems to mitigate the elevated risk of cyber attacks.
For detailed information on the affected products, please refer to the "Affected Products" section of the corresponding security advisory on the vendor's website.
Successful exploitation of the vulnerability could lead to elevation of privilege on the affected system.
Updated versions of FortiSIEM for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate action to mitigate the risk.