CVE-2025-58325
---
title: 'High Severity Vulnerability in FortiOS'
number: '2025-039'
version: '1.0'
original_date: '2025-10-14'
date: '2025-10-15'
---

_History:_

* _15/10/2025 --- v1.0 -- Initial publication_

# Summary

On October 14, 2025, Fortinet released a security advisory addressing a high severity vulnerability in its FortiOS product [1].

It is recommended to update affected products.

# Technical Details

The vulnerability **CVE-2025-58325**, with a CVSS score of 7.8, is an Incorrect Provision of Specified Functionality flaw that may allow a local authenticated attacker to execute system commands via crafted CLI commands.

# Affected Products

The following product versions are affected:

- FortiOS 6.4
- FortiOS 7.0.0 through 7.0.15
- FortiOS 7.2.0 through 7.2.10
- FortiOS 7.4.0 through 7.4.5
- FortiOS 7.6.0

The following platforms are affected: 100E/101E, 100F/101F, 1100E/1101E, 1800F/1801F, 2200E/2201E, 2600F/2601F, 3300E/3301E, 3400E/3401E, 3500F/3501F, 3600E/3601E, 3800D, 3960E, 3980E, 4200F/4201F, 4400F/4401F, 5001E, 6000F, 7000E, and 7000F.

_Other models are not affected by this vulnerability._

# Recommendations

It is recommended to update affected products.

# References

[1] <https://fortiguard.fortinet.com/psirt/FG-IR-24-361>
EPSS 0.02% · 6.1th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiOS | |
Timeline
- Oct 14, 2025 Coalition ESS Score
- Oct 14, 2025 CVE Published
- Oct 14, 2025 PoC Published
- Oct 15, 2025 EPSS Score
- Oct 15, 2025 PoC Published
- Oct 15, 2025 PoC Published
- Oct 16, 2025 PoC Published
- Oct 16, 2025 PoC Published
- Oct 21, 2025 EPSS Score
- Oct 27, 2025 EPSS Score
- Nov 2, 2025 EPSS Score
- Nov 8, 2025 EPSS Score