Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-57716 (GCVE-0-2025-57716)
Vulnerability from cvelistv5 – Published: 2025-10-14 15:23 – Updated: 2025-10-17 03:55
VLAI?
EPSS
Summary
An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.
Severity ?
CWE
- CWE-427 - Execute unauthorized code or commands
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiClientWindows |
Affected:
7.4.0 , ≤ 7.4.3
(semver)
Affected: 7.2.0 , ≤ 7.2.11 (semver) Affected: 7.0.0 , ≤ 7.0.14 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T03:55:18.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiClientWindows",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.11",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T15:23:10.215Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-685",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-685"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiClientWindows version 7.4.4 or above\nUpgrade to FortiClientWindows version 7.2.12 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-57716",
"datePublished": "2025-10-14T15:23:10.215Z",
"dateReserved": "2025-08-18T12:44:08.800Z",
"dateUpdated": "2025-10-17T03:55:18.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-57716\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2025-10-14T16:15:40.113\",\"lastModified\":\"2025-10-15T17:21:15.260\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.2.12\",\"matchCriteriaId\":\"93305AAD-0315-4D4E-92FB-03665C2CB01B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.4\",\"matchCriteriaId\":\"51121FCA-2CA9-4B4B-A27C-C4729AB797BB\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-25-685\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-57716\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-16T17:14:22.557481Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-16T17:14:26.029Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [], \"vendor\": \"Fortinet\", \"product\": \"FortiClientWindows\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.11\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to FortiClientWindows version 7.4.4 or above\\nUpgrade to FortiClientWindows version 7.2.12 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-25-685\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-25-685\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-427\", \"description\": \"Execute unauthorized code or commands\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2025-10-14T15:23:10.215Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-57716\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-17T03:55:18.739Z\", \"dateReserved\": \"2025-08-18T12:44:08.800Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2025-10-14T15:23:10.215Z\", \"assignerShortName\": \"fortinet\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-4GCF-XHRJ-G4GQ
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30
VLAI?
Details
An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-57716"
],
"database_specific": {
"cwe_ids": [
"CWE-427"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T16:15:40Z",
"severity": "MODERATE"
},
"details": "An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.",
"id": "GHSA-4gcf-xhrj-g4gq",
"modified": "2025-10-14T18:30:28Z",
"published": "2025-10-14T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57716"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-685"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2025-57716
Vulnerability from fkie_nvd - Published: 2025-10-14 16:15 - Updated: 2025-10-15 17:21
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-25-685 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | forticlient | * | |
| fortinet | forticlient | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "93305AAD-0315-4D4E-92FB-03665C2CB01B",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "51121FCA-2CA9-4B4B-A27C-C4729AB797BB",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder."
}
],
"id": "CVE-2025-57716",
"lastModified": "2025-10-15T17:21:15.260",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-10-14T16:15:40.113",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-685"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
CERTFR-2025-AVI-0871
Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiDLP | FortiDLP toutes versions 10.3.x, 10.4.x, 10.5.x, 11.0.x, 11.1.x, 11.2.x, 11.3.x, 11.4.x, 11.5.x, 12.0.x, 12.1.x | ||
| Fortinet | FortiADC | FortiADC toutes versions 6.2.x et 7.0.x | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.0.1 et antérieures à 7.0.14 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.2.1 et antérieures à 7.2.10 | ||
| Fortinet | FortiTester | FortiTester toutes versions 4.2.x, 7.0.x, 7.1.x, 7.2.x et 7.3.x | ||
| Fortinet | FortiManager | FortiManager versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiOS | FortiOS versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiVoice | FortiVoice versions 6.0.7 à 6.0.12 | ||
| Fortinet | FortiClient | FortiClientMac toutes versions 7.0.x | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise toutes versions 7.3.x et 7.4.x | ||
| Fortinet | FortiSIEM | FortiSIEM versions 7.2.x antérieures à 7.2.3 | ||
| Fortinet | FortiPAM | FortiPAM toutes versions 1.0.x, 1.1.x, 1.2.x et 1.3.x | ||
| Fortinet | FortiSRA | FortiSRA versions 1.5.x antérieures à 1.5.1 | ||
| Fortinet | FortiWeb | FortiWeb toutes versions 6.4.x, 7.0.x et 7.2.x | ||
| Fortinet | FortiDLP | FortiDLP versions 12.2.x et antérieures à 12.2.3 | ||
| Fortinet | FortiManager | FortiManager Cloud versions 7.6.x antérieures à 7.6.3 | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiNDR | FortiNDR toutes versions 1.5.x, 7.0.x, 7.1.x et 7.2.x | ||
| Fortinet | FortiClient | FortiClientWindows versions 7.4.x antérieures à 7.4.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.4.1 et antérieures à 7.4.6 | ||
| Fortinet | FortiManager | FortiManager versions 7.2.x antérieures à 7.2.10 | ||
| Fortinet | FortiVoice | FortiVoice versions 7.0.x antérieures à 7.0.5 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.4.x antérieures à 7.4.7 | ||
| Fortinet | FortiClient | FortiClientWindows versions 7.2.x antérieures à 7.2.12 | ||
| Fortinet | FortiManager | FortiManager Cloud toutes versions 6.4.x | ||
| Fortinet | FortiPAM | FortiPAM versions 1.4.x antérieures à 1.4.3 | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.2.1 et antérieures à 7.2.10 | ||
| Fortinet | FortiPAM | FortiPAM versions 1.5.x antérieures à 1.5.1 | ||
| Fortinet | FortiSIEM | FortiSIEM toutes versions 6.2.x, 6.3.x, 6.4.x, 6.5.x, 6.6.x, 6.7.x, 7.0.x et 7.1.x | ||
| Fortinet | FortiMail | FortiMail versions 7.2.x antérieures à 7.2.7 | ||
| Fortinet | FortiSRA | FortiSRA versions 1.4.x antérieures à 1.4.3 | ||
| Fortinet | FortiRecorder | FortiRecorder versions 7.0.x antérieures à 7.0.5 | ||
| Fortinet | FortiWeb | FortiWeb versions 7.4.x antérieures à 7.4.5 | ||
| Fortinet | FortiManager | FortiManager versions 7.4.x antérieures à 7.4.6 | ||
| Fortinet | FortiADC | FortiADC versions 7.2.x antérieures à 7.2.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiClient | FortiClientWindows toutes versions 7.0.x | ||
| Fortinet | FortiIsolator | FortiIsolator versions 2.4.x antérieures à 2.4.5 | ||
| Fortinet | FortiTester | FortiTester version 7.4 antérieures à 7.4.3 | ||
| Fortinet | FortiVoice | FortiVoice versions 6.4.x antérieures à 6.4.10 | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.4.1 et antérieures à 7.4.6 | ||
| Fortinet | FortiOS | FortiOS toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x, 7.2.x et 7.4.x | ||
| Fortinet | FortiIsolator | FortiIsolator toutes versions 2.3.x | ||
| Fortinet | FortiADC | FortiADC versions 7.1.x antérieures à 7.1.5 | ||
| Fortinet | FortiProxy | FortiProxy toutes versions 1.0.x, 1.1.x, 1.2.x, 2.0.x, 7.0.x, 7.2.x et 7.4.x | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud toutes versions 6.4.x | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x et 7.2.x | ||
| Fortinet | FortiSwitch | FortiSwitchManager versions 7.2.x antérieures à 7.2.6 | ||
| Fortinet | FortiManager | FortiManager versions 7.0.x antérieures à 7.0.14 | ||
| Fortinet | FortiManager | FortiManager toutes versions 6.0.x, 6.2.x et 6.4.x | ||
| Fortinet | FortiWeb | FortiWeb versions 7.6.x antérieures à 7.6.1 | ||
| Fortinet | FortiNDR | FortiNDR versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiADC | FortiADC versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiNDR | FortiNDR versions 7.4.x antérieures à 7.4.9 | ||
| Fortinet | FortiSwitch | FortiSwitchManager versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | FortiMail | FortiMail versions 7.4.x antérieures à 7.4.3 | ||
| Fortinet | FortiRecorder | FortiRecorder versions 7.2.x antérieures à 7.2.2 | ||
| Fortinet | FortiClient | FortiClientMac versions 7.4.x antérieures à 7.4.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.0.1 et antérieures à 7.0.14 | ||
| Fortinet | FortiClient | FortiClientMac versions 7.2.x antérieures à 7.2.12 | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise versions 7.5.x antérieures à 7.5.2 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiDLP toutes versions 10.3.x, 10.4.x, 10.5.x, 11.0.x, 11.1.x, 11.2.x, 11.3.x, 11.4.x, 11.5.x, 12.0.x, 12.1.x",
"product": {
"name": "FortiDLP",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC toutes versions 6.2.x et 7.0.x",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.0.1 et ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiTester toutes versions 4.2.x, 7.0.x, 7.1.x, 7.2.x et 7.3.x",
"product": {
"name": "FortiTester",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 6.0.7 \u00e0 6.0.12",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac toutes versions 7.0.x",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise toutes versions 7.3.x et 7.4.x",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 7.2.x ant\u00e9rieures \u00e0 7.2.3",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM toutes versions 1.0.x, 1.1.x, 1.2.x et 1.3.x",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSRA versions 1.5.x ant\u00e9rieures \u00e0 1.5.1",
"product": {
"name": "FortiSRA",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb toutes versions 6.4.x, 7.0.x et 7.2.x",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDLP versions 12.2.x et ant\u00e9rieures \u00e0 12.2.3",
"product": {
"name": "FortiDLP",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR toutes versions 1.5.x, 7.0.x, 7.1.x et 7.2.x",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.4.x ant\u00e9rieures \u00e0 7.4.4",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.4.x ant\u00e9rieures \u00e0 7.4.7",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud toutes versions 6.4.x",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM versions 1.5.x ant\u00e9rieures \u00e0 1.5.1",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM toutes versions 6.2.x, 6.3.x, 6.4.x, 6.5.x, 6.6.x, 6.7.x, 7.0.x et 7.1.x",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.7",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSRA versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "FortiSRA",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.4.x ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.2.x ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows toutes versions 7.0.x",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiIsolator versions 2.4.x ant\u00e9rieures \u00e0 2.4.5",
"product": {
"name": "FortiIsolator",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiTester version 7.4 ant\u00e9rieures \u00e0 7.4.3",
"product": {
"name": "FortiTester",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 6.4.x ant\u00e9rieures \u00e0 6.4.10",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x, 7.2.x et 7.4.x",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiIsolator toutes versions 2.3.x",
"product": {
"name": "FortiIsolator",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.1.x ant\u00e9rieures \u00e0 7.1.5",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy toutes versions 1.0.x, 1.1.x, 1.2.x, 2.0.x, 7.0.x, 7.2.x et 7.4.x",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud toutes versions 6.4.x",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x et 7.2.x",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager toutes versions 6.0.x, 6.2.x et 6.4.x",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR versions 7.4.x ant\u00e9rieures \u00e0 7.4.9",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac versions 7.4.x ant\u00e9rieures \u00e0 7.4.4",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.0.1 et ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise versions 7.5.x ant\u00e9rieures \u00e0 7.5.2",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-58325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58325"
},
{
"name": "CVE-2025-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46752"
},
{
"name": "CVE-2025-31365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31365"
},
{
"name": "CVE-2025-49201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49201"
},
{
"name": "CVE-2025-54822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54822"
},
{
"name": "CVE-2025-57741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57741"
},
{
"name": "CVE-2025-58903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58903"
},
{
"name": "CVE-2025-31514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31514"
},
{
"name": "CVE-2025-25253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25253"
},
{
"name": "CVE-2024-33507",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33507"
},
{
"name": "CVE-2025-25255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25255"
},
{
"name": "CVE-2023-46718",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46718"
},
{
"name": "CVE-2025-47890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47890"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-26008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26008"
},
{
"name": "CVE-2025-25252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25252"
},
{
"name": "CVE-2024-48891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48891"
},
{
"name": "CVE-2025-59921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59921"
},
{
"name": "CVE-2025-53951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53951"
},
{
"name": "CVE-2025-53950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53950"
},
{
"name": "CVE-2025-58324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58324"
},
{
"name": "CVE-2025-53845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53845"
},
{
"name": "CVE-2024-50571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50571"
},
{
"name": "CVE-2025-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46774"
},
{
"name": "CVE-2025-31366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31366"
},
{
"name": "CVE-2025-57716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57716"
},
{
"name": "CVE-2024-47569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47569"
},
{
"name": "CVE-2025-22258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22258"
},
{
"name": "CVE-2025-57740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57740"
},
{
"name": "CVE-2025-54973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54973"
},
{
"name": "CVE-2025-54658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54658"
}
],
"initial_release_date": "2025-10-15T00:00:00",
"last_revision_date": "2025-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0871",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-372",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-372"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-412",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-412"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-228",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-228"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-280",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-280"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-685",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-685"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-452",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-452"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-487",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-487"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-639",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-639"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-037",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-037"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-684",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-684"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-354",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-354"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-041",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-041"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-198",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-198"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-160",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-160"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-361",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-361"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-861",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-861"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-542",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-542"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-771",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-771"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-010",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-010"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-378",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-378"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-442",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-442"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-664",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-664"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-756",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-756"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-126",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-126"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-628",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-628"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-457",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-457"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-062",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-062"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-546",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-546"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-653",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-653"
}
]
}
CERTFR-2025-AVI-0871
Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiDLP | FortiDLP toutes versions 10.3.x, 10.4.x, 10.5.x, 11.0.x, 11.1.x, 11.2.x, 11.3.x, 11.4.x, 11.5.x, 12.0.x, 12.1.x | ||
| Fortinet | FortiADC | FortiADC toutes versions 6.2.x et 7.0.x | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.0.1 et antérieures à 7.0.14 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.2.1 et antérieures à 7.2.10 | ||
| Fortinet | FortiTester | FortiTester toutes versions 4.2.x, 7.0.x, 7.1.x, 7.2.x et 7.3.x | ||
| Fortinet | FortiManager | FortiManager versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiOS | FortiOS versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiVoice | FortiVoice versions 6.0.7 à 6.0.12 | ||
| Fortinet | FortiClient | FortiClientMac toutes versions 7.0.x | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise toutes versions 7.3.x et 7.4.x | ||
| Fortinet | FortiSIEM | FortiSIEM versions 7.2.x antérieures à 7.2.3 | ||
| Fortinet | FortiPAM | FortiPAM toutes versions 1.0.x, 1.1.x, 1.2.x et 1.3.x | ||
| Fortinet | FortiSRA | FortiSRA versions 1.5.x antérieures à 1.5.1 | ||
| Fortinet | FortiWeb | FortiWeb toutes versions 6.4.x, 7.0.x et 7.2.x | ||
| Fortinet | FortiDLP | FortiDLP versions 12.2.x et antérieures à 12.2.3 | ||
| Fortinet | FortiManager | FortiManager Cloud versions 7.6.x antérieures à 7.6.3 | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiNDR | FortiNDR toutes versions 1.5.x, 7.0.x, 7.1.x et 7.2.x | ||
| Fortinet | FortiClient | FortiClientWindows versions 7.4.x antérieures à 7.4.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.4.1 et antérieures à 7.4.6 | ||
| Fortinet | FortiManager | FortiManager versions 7.2.x antérieures à 7.2.10 | ||
| Fortinet | FortiVoice | FortiVoice versions 7.0.x antérieures à 7.0.5 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.4.x antérieures à 7.4.7 | ||
| Fortinet | FortiClient | FortiClientWindows versions 7.2.x antérieures à 7.2.12 | ||
| Fortinet | FortiManager | FortiManager Cloud toutes versions 6.4.x | ||
| Fortinet | FortiPAM | FortiPAM versions 1.4.x antérieures à 1.4.3 | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.2.1 et antérieures à 7.2.10 | ||
| Fortinet | FortiPAM | FortiPAM versions 1.5.x antérieures à 1.5.1 | ||
| Fortinet | FortiSIEM | FortiSIEM toutes versions 6.2.x, 6.3.x, 6.4.x, 6.5.x, 6.6.x, 6.7.x, 7.0.x et 7.1.x | ||
| Fortinet | FortiMail | FortiMail versions 7.2.x antérieures à 7.2.7 | ||
| Fortinet | FortiSRA | FortiSRA versions 1.4.x antérieures à 1.4.3 | ||
| Fortinet | FortiRecorder | FortiRecorder versions 7.0.x antérieures à 7.0.5 | ||
| Fortinet | FortiWeb | FortiWeb versions 7.4.x antérieures à 7.4.5 | ||
| Fortinet | FortiManager | FortiManager versions 7.4.x antérieures à 7.4.6 | ||
| Fortinet | FortiADC | FortiADC versions 7.2.x antérieures à 7.2.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiClient | FortiClientWindows toutes versions 7.0.x | ||
| Fortinet | FortiIsolator | FortiIsolator versions 2.4.x antérieures à 2.4.5 | ||
| Fortinet | FortiTester | FortiTester version 7.4 antérieures à 7.4.3 | ||
| Fortinet | FortiVoice | FortiVoice versions 6.4.x antérieures à 6.4.10 | ||
| Fortinet | FortiManager | FortiManager Cloud versions postérieures à 7.4.1 et antérieures à 7.4.6 | ||
| Fortinet | FortiOS | FortiOS toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x, 7.2.x et 7.4.x | ||
| Fortinet | FortiIsolator | FortiIsolator toutes versions 2.3.x | ||
| Fortinet | FortiADC | FortiADC versions 7.1.x antérieures à 7.1.5 | ||
| Fortinet | FortiProxy | FortiProxy toutes versions 1.0.x, 1.1.x, 1.2.x, 2.0.x, 7.0.x, 7.2.x et 7.4.x | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud toutes versions 6.4.x | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x et 7.2.x | ||
| Fortinet | FortiSwitch | FortiSwitchManager versions 7.2.x antérieures à 7.2.6 | ||
| Fortinet | FortiManager | FortiManager versions 7.0.x antérieures à 7.0.14 | ||
| Fortinet | FortiManager | FortiManager toutes versions 6.0.x, 6.2.x et 6.4.x | ||
| Fortinet | FortiWeb | FortiWeb versions 7.6.x antérieures à 7.6.1 | ||
| Fortinet | FortiNDR | FortiNDR versions 7.6.x antérieures à 7.6.2 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.6.x antérieures à 7.6.4 | ||
| Fortinet | FortiADC | FortiADC versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiNDR | FortiNDR versions 7.4.x antérieures à 7.4.9 | ||
| Fortinet | FortiSwitch | FortiSwitchManager versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | FortiMail | FortiMail versions 7.4.x antérieures à 7.4.3 | ||
| Fortinet | FortiRecorder | FortiRecorder versions 7.2.x antérieures à 7.2.2 | ||
| Fortinet | FortiClient | FortiClientMac versions 7.4.x antérieures à 7.4.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer Cloud versions postérieures à 7.0.1 et antérieures à 7.0.14 | ||
| Fortinet | FortiClient | FortiClientMac versions 7.2.x antérieures à 7.2.12 | ||
| Fortinet | FortiSOAR | FortiSOAR on-premise versions 7.5.x antérieures à 7.5.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiDLP toutes versions 10.3.x, 10.4.x, 10.5.x, 11.0.x, 11.1.x, 11.2.x, 11.3.x, 11.4.x, 11.5.x, 12.0.x, 12.1.x",
"product": {
"name": "FortiDLP",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC toutes versions 6.2.x et 7.0.x",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.0.1 et ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiTester toutes versions 4.2.x, 7.0.x, 7.1.x, 7.2.x et 7.3.x",
"product": {
"name": "FortiTester",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 6.0.7 \u00e0 6.0.12",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac toutes versions 7.0.x",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise toutes versions 7.3.x et 7.4.x",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 7.2.x ant\u00e9rieures \u00e0 7.2.3",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM toutes versions 1.0.x, 1.1.x, 1.2.x et 1.3.x",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSRA versions 1.5.x ant\u00e9rieures \u00e0 1.5.1",
"product": {
"name": "FortiSRA",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb toutes versions 6.4.x, 7.0.x et 7.2.x",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDLP versions 12.2.x et ant\u00e9rieures \u00e0 12.2.3",
"product": {
"name": "FortiDLP",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR toutes versions 1.5.x, 7.0.x, 7.1.x et 7.2.x",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.4.x ant\u00e9rieures \u00e0 7.4.4",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.4.x ant\u00e9rieures \u00e0 7.4.7",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud toutes versions 6.4.x",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.10",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPAM versions 1.5.x ant\u00e9rieures \u00e0 1.5.1",
"product": {
"name": "FortiPAM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM toutes versions 6.2.x, 6.3.x, 6.4.x, 6.5.x, 6.6.x, 6.7.x, 7.0.x et 7.1.x",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.7",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSRA versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "FortiSRA",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.4.x ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.2.x ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows toutes versions 7.0.x",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiIsolator versions 2.4.x ant\u00e9rieures \u00e0 2.4.5",
"product": {
"name": "FortiIsolator",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiTester version 7.4 ant\u00e9rieures \u00e0 7.4.3",
"product": {
"name": "FortiTester",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoice versions 6.4.x ant\u00e9rieures \u00e0 6.4.10",
"product": {
"name": "FortiVoice",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.6",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x, 7.2.x et 7.4.x",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiIsolator toutes versions 2.3.x",
"product": {
"name": "FortiIsolator",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.1.x ant\u00e9rieures \u00e0 7.1.5",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy toutes versions 1.0.x, 1.1.x, 1.2.x, 2.0.x, 7.0.x, 7.2.x et 7.4.x",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud toutes versions 6.4.x",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer toutes versions 6.0.x, 6.2.x, 6.4.x, 7.0.x et 7.2.x",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager toutes versions 6.0.x, 6.2.x et 6.4.x",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNDR versions 7.4.x ant\u00e9rieures \u00e0 7.4.9",
"product": {
"name": "FortiNDR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac versions 7.4.x ant\u00e9rieures \u00e0 7.4.4",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer Cloud versions post\u00e9rieures \u00e0 7.0.1 et ant\u00e9rieures \u00e0 7.0.14",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientMac versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSOAR on-premise versions 7.5.x ant\u00e9rieures \u00e0 7.5.2",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-58325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58325"
},
{
"name": "CVE-2025-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46752"
},
{
"name": "CVE-2025-31365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31365"
},
{
"name": "CVE-2025-49201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49201"
},
{
"name": "CVE-2025-54822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54822"
},
{
"name": "CVE-2025-57741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57741"
},
{
"name": "CVE-2025-58903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58903"
},
{
"name": "CVE-2025-31514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31514"
},
{
"name": "CVE-2025-25253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25253"
},
{
"name": "CVE-2024-33507",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33507"
},
{
"name": "CVE-2025-25255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25255"
},
{
"name": "CVE-2023-46718",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46718"
},
{
"name": "CVE-2025-47890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47890"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-26008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26008"
},
{
"name": "CVE-2025-25252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25252"
},
{
"name": "CVE-2024-48891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48891"
},
{
"name": "CVE-2025-59921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59921"
},
{
"name": "CVE-2025-53951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53951"
},
{
"name": "CVE-2025-53950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53950"
},
{
"name": "CVE-2025-58324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58324"
},
{
"name": "CVE-2025-53845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53845"
},
{
"name": "CVE-2024-50571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50571"
},
{
"name": "CVE-2025-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46774"
},
{
"name": "CVE-2025-31366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31366"
},
{
"name": "CVE-2025-57716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57716"
},
{
"name": "CVE-2024-47569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47569"
},
{
"name": "CVE-2025-22258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22258"
},
{
"name": "CVE-2025-57740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57740"
},
{
"name": "CVE-2025-54973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54973"
},
{
"name": "CVE-2025-54658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54658"
}
],
"initial_release_date": "2025-10-15T00:00:00",
"last_revision_date": "2025-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0871",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-372",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-372"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-412",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-412"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-228",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-228"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-280",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-280"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-685",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-685"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-452",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-452"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-487",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-487"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-639",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-639"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-037",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-037"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-684",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-684"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-354",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-354"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-041",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-041"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-198",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-198"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-160",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-160"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-361",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-361"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-861",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-861"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-542",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-542"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-771",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-771"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-010",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-010"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-378",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-378"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-442",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-442"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-664",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-664"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-756",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-756"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-126",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-126"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-628",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-628"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-457",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-457"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-062",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-062"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-546",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-546"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-653",
"url": "https://www.fortiguard.com/psirt/FG-IR-25-653"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…