CVE‑2025‑25256

Fortinet FortiSIEM Pre-Authentication Command Injection Vulnerability

Fortinet FortiSIEM Pre-Authentication Command Injection Vulnerability allows for unauthenticated remote code execution (RCE) attacks.

Exploiting this vulnerability can allow an attacker to gain complete control over the affected system. This includes accessing sensitive data, modifying or deleting system resources, and potentially installing malware or creating backdoors.

Mitigations

  • Reference the vendor advisory and upgrade to the latest patched version of the software.

Rapid Response N-Day Testing

Run the Test Now

References

🔗 CVE-2025-25256 

🔗 Vendor Advisory 

🔗 Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code 

Read about other CVEs

NodeZero® Platform

Implement a continuous find, fix, and verify loop with NodeZero

The NodeZero® platform empowers your organization to reduce your security risks by autonomously finding exploitable weaknesses in your network, giving you detailed guidance around how to priortize and fix them, and having you immediately verify that your fixes are effective.
Explore NodeZero

Recognized By