Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-25256

CRITICAL
Published 2025-08-12T18:59:14.863Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-25256. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
9.8
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:X/RC:C
Base Score Metrics
Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Exploit code is reportedly available for a critical command injection vulnerability affecting Fortinet FortiSIEM devices.BackgroundOn August 12, Fortinet published a security advisory (FG-IR-25-152) for CVE-2025-25256, a critical command injection vulnerabi…

Tenable.com 2025-08-13 17:46
Read More
Critical FortiSIEM flaw under active exploitation, Fortinet warns

Fortinet warns of a critical FortiSIEM vulnerability, tracked as CVE-2025-25256, that is actively exploited in attacks in the wild. Fortinet warns customers of a critical vulnerability, tracked as CVE-2025-25256 (CVSS score of 9.8), affecting FortiSIEM for wh…

Securityaffairs.com 2025-08-13 17:40
Read More
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries a CVSS score of 9.8 out of a maximum of 10.0. "An improper neutralization of s…

Internet 2025-08-13 11:37
Read More
Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by or…

Help Net Security 2025-08-13 09:43
Read More

Affected Products

Fortinet

FortiSIEM

Affected Versions:

7.3.0 7.2.0 7.1.0 7.0.0 6.7.0 6.6.0 6.5.0 6.4.0 6.3.0 6.2.0 6.1.0 5.4.0

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

Affected Products (ENISA)

fortinet
fortisiem

ENISA Scoring

CVSS Score (3.1)

9.8
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:X/RC:C

EPSS Score

2.700
probability

ENISA References

https://fortiguard.fortinet.com/psirt/FG-IR-25-152

Data provided by ENISA EU Vulnerability Database. Last updated: August 16, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-6gxf-4w6m-j956

Advisory Details

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-25256
WEB https://fortiguard.fortinet.com/psirt/FG-IR-25-152
WEB https://github.com/watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256
WEB https://labs.watchtowr.com/should-security-solutions-be-secure-maybe-were-all-wrong-fortinet-fortisiem-pre-auth-command-injection-cve-2025-25256
WEB https://www.theregister.com/2025/08/13/fortinet_discloses_critical_bug

Advisory provided by GitHub Security Advisory Database. Published: August 12, 2025, Modified: August 15, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

15 posts
Reddit 3 days, 16 hours ago
Steve_Dobbs_69

CVE-2025-25256: A Critical OS Command Injection Vulnerability in Fortinet FortiSIEM

1
1.0
View Original
Reddit 5 days, 2 hours ago
crstux
Exploit

🔥 Top 10 Trending CVEs (18/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-8091](https://nvd.nist.gov/vuln/detail/CVE-2025-8091)** - 📝 The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to …

Also mentions: CVE-2025-8091 CVE-2025-52970 CVE-2025-8088 CVE-2025-21479 CVE-2025-31324 CVE-2025-30712 CVE-2025-26633 CVE-2024-29847 CVE-2024-39884 CVE-2024-40725
2
2.0
View Original High Risk
Reddit 6 days, 2 hours ago
crstux
Exploit

🔥 Top 10 Trending CVEs (17/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-26633](https://nvd.nist.gov/vuln/detail/CVE-2025-26633)** - 📝 Microsoft Management Console Security Feature Bypass Vulnerability - 📅 **Published:** 11/03/2025 - 📈 **CVSS:** 7 - 🧭 **Vector:** CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C - 📣 **Mentions:** 61 - ⚠️ **Priority:** 2 - …

Also mentions: CVE-2025-20265 CVE-2025-8088 CVE-2025-21479 CVE-2025-31324 CVE-2025-32433 CVE-2025-30712 CVE-2025-26633 CVE-2024-39884 CVE-2024-40725 CVE-2023-44487
1
1.0
View Original High Risk
Reddit 1 week ago
crstux
Exploit

🔥 Top 10 Trending CVEs (16/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)** - 📝 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October …

Also mentions: CVE-2025-20265 CVE-2025-50154 CVE-2025-53773 CVE-2025-8088 CVE-2025-8356 CVE-2025-8355 CVE-2025-21479 CVE-2023-44487
2
2.0
View Original High Risk
Reddit 1 week ago
digicat

Should Security Solutions Be Secure? Maybe We're All Wrong - Fortinet FortiSIEM Pre-Auth Command Injection (CVE-2025-25256)

5
5.0
View Original
Reddit 1 week ago
Poutcheki

Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256)

1
1.0
View Original
Reddit 1 week ago
dx7r__

Should Security Solutions Be Secure? Maybe We're All Wrong - Fortinet FortiSIEM Pre-Auth Command Injection (CVE-2025-25256) - watchTowr Labs

37
4
45.0
View Original
Reddit 1 week, 1 day ago
Sarunas
Exploit

FortiSIEM pažeidžiamumas FortiSIEM pažeidžiamumas CVE-2025-25256. Atrasta rimta saugumo spraga FortiSIEM sistemoje. Rekomenduojama iš karto atnaujinti programinę įrangą ir patikrinti infrastruktūrą. Skaitom: [https://www.bleepingcomputer.com/news/security/fortinet-warns-of-fortisiem-pre-auth-rce-flaw-with-exploit-in-the-wild/](https://www.bleepingcomputer.com/news/security/fortinet-warns-of-fortisiem-pre-auth-rce-flaw-with-exploit-in-the-wild/)

1
1.0
View Original High Risk
Reddit 1 week, 1 day ago
crstux
Exploit

🔥 Top 10 Trending CVEs (15/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-50167](https://nvd.nist.gov/vuln/detail/CVE-2025-50167)** - 📝 Windows Hyper-V Elevation of Privilege Vulnerability - 📅 **Published:** 12/08/2025 - 📈 **CVSS:** 7 - 🧭 **Vector:** CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C - 📣 **Mentions:** 2 - ⚠️ **Priority:** 2 - 📝 …

Also mentions: CVE-2025-20265 CVE-2025-52970 CVE-2025-50167 CVE-2025-50154 CVE-2025-53773 CVE-2025-8088 CVE-2025-8356 CVE-2025-8355
1
1.0
View Original High Risk
Reddit 1 week, 2 days ago
falconupkid
Exploit PoC

SecOpsDaily - 2025-08-13 Roundup Highlights from today: - [Threat Intel] [Static vs. Runtime Reachability: Insights from Latio’s On the Record Podcast](https://socket.dev/blog/static-vs-runtime-reachability-podcast?utm_medium=feed) - [News] [New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks](https://thehackernews.com/2025/08/new-ps1bot-malware-campaign-uses.html) - [Threat Intel] [Microsoft patches some very important vulnerabilities in August’s patch Tuesday](https://www.malwarebytes.com/blog/news/2025/08/microsoft-patches-some-very-important-vulnerabilities-in-augusts-patch-tuesday) - [News] [Pennsylvania …

1
1.0
View Original High Risk
View All 15 Posts

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-152
Published: 2025-08-12T18:59:14.863Z
Last Modified: 2025-08-16T03:55:46.637Z
Copied to clipboard!