Vulnerability-Lookup

CVE-2026-25972 (GCVE-0-2026-25972)

Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-03-12 14:28

Summary

An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.

Severity ?

4.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C

CWE

CWE-79 - Execute unauthorized code or commands

Assigner

fortinet

References

URL

Tags

https://fortiguard.fortinet.com/psirt/FG-IR-26-077

Impacted products

	Vendor	Product	Version
	Fortinet	FortiSIEM	Affected: 7.4.0 Affected: 7.3.0 , ≤ 7.3.4 (semver) cpe:2.3:a:fortinet:fortisiem:7.4.0:::::::* cpe:2.3:a:fortinet:fortisiem:7.3.4:::::::* cpe:2.3:a:fortinet:fortisiem:7.3.3:::::::* cpe:2.3:a:fortinet:fortisiem:7.3.2:::::::* cpe:2.3:a:fortinet:fortisiem:7.3.1:::::::* cpe:2.3:a:fortinet:fortisiem:7.3.0:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25972",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T14:27:55.325451Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T14:28:02.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisiem:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisiem:7.3.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisiem:7.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisiem:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisiem:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisiem:7.3.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSIEM",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "lessThanOrEqual": "7.3.4",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-10T16:44:19.432Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-077",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-077"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to FortiSIEM version 7.5.0 or above\nUpgrade to FortiSIEM version 7.4.1 or above\nUpgrade to FortiSIEM version 7.3.5 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2026-25972",
    "datePublished": "2026-03-10T16:44:19.432Z",
    "dateReserved": "2026-02-09T17:14:29.451Z",
    "dateUpdated": "2026-03-12T14:28:02.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-25972\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2026-03-10T18:18:38.323\",\"lastModified\":\"2026-03-12T16:05:03.403\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (\u0027cross-site scripting\u0027) en Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 hasta 7.3.4 puede permitir a un atacante remoto no autenticado proporcionar datos arbitrarios, lo que permite un ataque de ingenier\u00eda social a trav\u00e9s de par\u00e1metros de URL falsificados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0\",\"versionEndExcluding\":\"7.3.5\",\"matchCriteriaId\":\"C41BBF42-F97A-4358-ADB6-9762BD8F3CAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortisiem:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"500DAB25-48C9-48C7-B7CD-92C06989F039\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-26-077\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-25972\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-12T14:27:55.325451Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-12T14:27:58.719Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:fortinet:fortisiem:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortisiem:7.3.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortisiem:7.3.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortisiem:7.3.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortisiem:7.3.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortisiem:7.3.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiSIEM\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\"}, {\"status\": \"affected\", \"version\": \"7.3.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.3.4\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to FortiSIEM version 7.5.0 or above\\nUpgrade to FortiSIEM version 7.4.1 or above\\nUpgrade to FortiSIEM version 7.3.5 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-26-077\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-26-077\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"Execute unauthorized code or commands\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2026-03-10T16:44:19.432Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-25972\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-12T14:28:02.557Z\", \"dateReserved\": \"2026-02-09T17:14:29.451Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2026-03-10T16:44:19.432Z\", \"assignerShortName\": \"fortinet\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-25972

Vulnerability from fkie_nvd - Published: 2026-03-10 18:18 - Updated: 2026-03-12 16:05

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-26-077	Vendor Advisory

Impacted products

	Vendor	Product	Version
	fortinet	fortisiem	*
	fortinet	fortisiem	7.4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41BBF42-F97A-4358-ADB6-9762BD8F3CAE",
              "versionEndExcluding": "7.3.5",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortisiem:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "500DAB25-48C9-48C7-B7CD-92C06989F039",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (\u0027cross-site scripting\u0027) en Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 hasta 7.3.4 puede permitir a un atacante remoto no autenticado proporcionar datos arbitrarios, lo que permite un ataque de ingenier\u00eda social a trav\u00e9s de par\u00e1metros de URL falsificados."
    }
  ],
  "id": "CVE-2026-25972",
  "lastModified": "2026-03-12T16:05:03.403",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@fortinet.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-10T18:18:38.323",
  "references": [
    {
      "source": "psirt@fortinet.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-077"
    }
  ],
  "sourceIdentifier": "psirt@fortinet.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@fortinet.com",
      "type": "Primary"
    }
  ]
}

GHSA-2M7Q-86J6-PC24

Vulnerability from github – Published: 2026-03-10 18:31 – Updated: 2026-03-10 18:31

Details

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-25972"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-10T18:18:38Z",
    "severity": "MODERATE"
  },
  "details": "An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.",
  "id": "GHSA-2m7q-86j6-pc24",
  "modified": "2026-03-10T18:31:21Z",
  "published": "2026-03-10T18:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25972"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-077"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2026-AVI-0265

Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11

De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Concernant la vulnérabilité CVE-2025-66178, l'éditeur fournit certaines recommandations dans l'attente de la version correctrice.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Fortinet	FortiClient	FortiClientLinux versions 7.4.x antérieures à 7.4.5
Fortinet	FortiAnalyzer	FortiAnalyzer-BigData versions 7.6.x antérieures à 7.6.1
Fortinet	FortiMail	FortiMail versions 7.4.x antérieures à 7.4.5
Fortinet	FortiClient	FortiClientLinux versions antérieures à 7.2.13
Fortinet	FortiSandbox	FortiSandbox versions antérieures à 4.4.8
Fortinet	FortiManager	FortiManager versions antérieures à 7.6.5
Fortinet	FortiManager	FortiManager Cloud versions antérieures à 7.6.5
Fortinet	FortiMail	FortiMail versions 7.6.x antérieures à 7.6.3
Fortinet	FortiDeceptor	FortiDeceptor toutes versions antérieures à 6.2.1
Fortinet	FortiVoice	FortiVoice versions 7.2.x antérieures à 7.2.1
Fortinet	FortiAnalyzer	FortiAnalyzer Cloud versions antérieures à 7.6.5
Fortinet	FortiSOAR	FortiSOAR Agent Communication Bridge versions antérieures à 1.1.1
Fortinet	FortiWeb	FortiWeb versions antérieures à 7.6.7
Fortinet	FortiVoice	FortiVoice versions 7.0.x antérieures à 7.0.7
Fortinet	FortiSIEM	FortiSIEM versions 7.4.x antérieures à 7.4.1
Fortinet	FortiSIEM	FortiSIEM versions 7.3.x antérieures à 7.3.5
Fortinet	FortiWeb	FortiWeb versions 8.0.x antérieures à 8.0.4
Fortinet	FortiRecorder	FortiRecorder toutes versions antérieures à 7.2.4
Fortinet	FortiAnalyzer	FortiAnalyzer-BigData versions antérieures à 7.4.5
Fortinet	FortiMail	FortiMail versions 7.2.x antérieures à 7.2.8
Fortinet	FortiSwitch	FortiSwitchAXFixed versions 1.0.x antérieures à 1.0.2
Fortinet	FortiAnalyzer	FortiAnalyzer versions antérieures à 7.6.5
Fortinet	FortiMail	FortiMail versions 7.0.x antérieures à 7.0.9

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-26-078	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-096	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-098	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-080	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-088	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-094	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-092	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-090	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-081	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-095	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-093	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-083	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-087	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-079	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-086	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-077	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-082	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-097	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-085	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-091	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-089	2026-03-10	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-26-084	2026-03-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiClientLinux versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "FortiClient",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAnalyzer-BigData versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiClientLinux versions ant\u00e9rieures \u00e0 7.2.13",
      "product": {
        "name": "FortiClient",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSandbox versions ant\u00e9rieures \u00e0 4.4.8",
      "product": {
        "name": "FortiSandbox",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager versions ant\u00e9rieures \u00e0 7.6.5",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager Cloud versions ant\u00e9rieures \u00e0 7.6.5",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiDeceptor toutes versions ant\u00e9rieures \u00e0 6.2.1",
      "product": {
        "name": "FortiDeceptor",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.1",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAnalyzer Cloud versions ant\u00e9rieures \u00e0 7.6.5",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSOAR Agent Communication Bridge versions ant\u00e9rieures \u00e0 1.1.1",
      "product": {
        "name": "FortiSOAR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions ant\u00e9rieures \u00e0 7.6.7",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.7",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
      "product": {
        "name": "FortiSIEM",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.5",
      "product": {
        "name": "FortiSIEM",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 8.0.x ant\u00e9rieures \u00e0 8.0.4",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiRecorder toutes versions ant\u00e9rieures \u00e0 7.2.4",
      "product": {
        "name": "FortiRecorder",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAnalyzer-BigData versions ant\u00e9rieures \u00e0 7.4.5",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSwitchAXFixed versions 1.0.x ant\u00e9rieures \u00e0 1.0.2",
      "product": {
        "name": "FortiSwitch",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAnalyzer versions ant\u00e9rieures \u00e0 7.6.5",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.9",
      "product": {
        "name": "FortiMail",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-30897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30897"
    },
    {
      "name": "CVE-2025-53608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53608"
    },
    {
      "name": "CVE-2026-24017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24017"
    },
    {
      "name": "CVE-2025-68648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68648"
    },
    {
      "name": "CVE-2026-24640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24640"
    },
    {
      "name": "CVE-2026-22572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22572"
    },
    {
      "name": "CVE-2025-48418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48418"
    },
    {
      "name": "CVE-2025-48840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48840"
    },
    {
      "name": "CVE-2026-24641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24641"
    },
    {
      "name": "CVE-2026-22627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22627"
    },
    {
      "name": "CVE-2025-55717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55717"
    },
    {
      "name": "CVE-2026-24018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24018"
    },
    {
      "name": "CVE-2025-54820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54820"
    },
    {
      "name": "CVE-2025-49784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49784"
    },
    {
      "name": "CVE-2026-22629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22629"
    },
    {
      "name": "CVE-2025-66178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66178"
    },
    {
      "name": "CVE-2026-25689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25689"
    },
    {
      "name": "CVE-2026-25972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25972"
    },
    {
      "name": "CVE-2025-54659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54659"
    },
    {
      "name": "CVE-2025-68482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68482"
    },
    {
      "name": "CVE-2026-22628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22628"
    },
    {
      "name": "CVE-2026-25836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25836"
    }
  ],
  "initial_release_date": "2026-03-11T00:00:00",
  "last_revision_date": "2026-03-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0265",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nConcernant la vuln\u00e9rabilit\u00e9 CVE-2025-66178, l\u0027\u00e9diteur fournit certaines recommandations dans l\u0027attente de la version correctrice.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-078",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-078"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-096",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-096"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-098",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-098"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-080",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-080"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-088",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-088"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-094",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-094"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-092",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-092"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-090",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-090"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-081",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-081"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-095",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-095"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-093",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-093"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-083",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-083"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-087",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-087"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-079",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-079"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-086",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-086"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-077",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-077"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-082",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-082"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-097",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-097"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-085",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-085"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-091",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-091"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-089",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-089"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-26-084",
      "url": "https://www.fortiguard.com/psirt/FG-IR-26-084"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-25972 (GCVE-0-2026-25972)

FKIE_CVE-2026-25972

GHSA-2M7Q-86J6-PC24

CERTFR-2026-AVI-0265

Solutions

Tags

Sightings

Nomenclature