Fortinet Products Multiple Vulnerabilities
Release Date: 9 Jul 2025
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
FortiOS
- FortiOS 6.4 all versions
- FortiOS 7.0 all versions
- FortiOS 7.2.4 through 7.2.11
- FortiOS 7.4.0 through 7.4.7
- FortiOS 7.6.0 through 7.6.1
FortiProxy
- FortiProxy 7.0 all versions
- FortiProxy 7.2 all versions
- FortiProxy 7.4.0 through 7.4.8
- FortiProxy 7.6.0 through 7.6.1
FortiManager
- FortiManager 6.4 all versions
- FortiManager 7.0 all versions
- FortiManager 7.2 all versions
- FortiManager 7.4.0 through 7.4.6
- FortiManager 7.6.0 through 7.6.1
- FortiManager Cloud 6.4 all versions
- FortiManager Cloud 7.0 all versions
- FortiManager Cloud 7.2 all versions
- FortiManager Cloud 7.4.0 through 7.4.6
FortiAnalyzer
- FortiAnalyzer 6.4 all versions
- FortiAnalyzer 7.0 all versions
- FortiAnalyzer 7.2 all versions
- FortiAnalyzer 7.4.0 through 7.4.6
- FortiAnalyzer 7.6.0 through 7.6.1
- FortiAnalyzer Cloud 6.4 all versions
- FortiAnalyzer Cloud 7.0 all versions
- FortiAnalyzer Cloud 7.2 all versions
- FortiAnalyzer Cloud 7.4.0 through 7.4.6
FortiSASE
- FortiSASE 24.4.a
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://fortiguard.fortinet.com/psirt/FG-IR-24-437
- https://fortiguard.fortinet.com/psirt/FG-IR-24-511
- https://fortiguard.fortinet.com/psirt/FG-IR-25-026
- https://fortiguard.fortinet.com/psirt/FG-IR-24-053
沒有留言:
發佈留言