Fortinet Products Multiple Vulnerabilities

Release Date: 10 Dec 2025

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigge remote code execution, elevation of privilege, sensitive information disclosure and security restriction bypass on the targeted system.

Impact

Security Restriction Bypass
Information Disclosure
Elevation of Privilege
Remote Code Execution

System / Technologies affected

FortiAnalyzer

FortiAnalyzer 7.2.0 through 7.2.5
FortiAnalyzer 7.4.0 through 7.4.2

FortiAuthenticator

FortiAuthenticator 6.3 all versions
FortiAuthenticator 6.4 all versions
FortiAuthenticator 6.5 all versions
FortiAuthenticator 6.6.0 through 6.6.6

FortiManager

FortiManager 6.4 all versions
FortiManager 7.0 all versions
FortiManager 7.2.0 through 7.2.5
FortiManager 7.4.0 through 7.4.2

FortiOS

FortiOS 6.4 all versions
FortiOS 7.0 all versions
FortiOS 7.2 all versions
FortiOS 7.4.0 through 7.4.8
FortiOS 7.6.0 through 7.6.3

FortiPortal

FortiPortal 6.0 all versions

FortiProxy

FortiProxy 7.0.0 through 7.0.21
FortiProxy 7.2.0 through 7.2.14
FortiProxy 7.4.0 through 7.4.10
FortiProxy 7.6.0 through 7.6.3

FortiSwitchManager

FortiSwitchManager 7.0.0 through 7.0.5
FortiSwitchManager 7.2.0 through 7.2.6

FortiWeb

FortiWeb 7.0.0 through 7.0.11
FortiWeb 7.2.0 through 7.2.11
FortiWeb 7.4.0 through 7.4.10
FortiWeb 7.6.0 through 7.6.5
FortiWeb 8.0.0 through 8.0.1

FortiPAM

FortiPAM 1.0 all versions
FortiPAM 1.1 all versions
FortiPAM 1.2 all versions
FortiPAM 1.3 all versions
FortiPAM 1.4 all versions

FortiSASE

FortiSASE 24.1.b

FortiSRA

FortiSRA 1.4 all versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Fortinet

2025年12月11日星期四