Detections
Analytics

CVE-2025-25256

critical

Description

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

From the Tenable Blog

CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Published: 2025-08-13

Exploit code is reportedly available for a critical command injection vulnerability affecting Fortinet FortiSIEM devices.BackgroundOn August 12, Fortinet published a security advisory (FG-IR-25-152) for CVE-2025-25256, a critical command injection vulnerability affecting Fortinet FortiSIEM.

References

https://www.theregister.com/2025/08/13/fortinet_discloses_critical_bug/

https://fortiguard.fortinet.com/psirt/FG-IR-25-152

Details

Source: Mitre, NVD

Published: 2025-08-12

Updated: 2025-08-13

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01638

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Interest