High Severity Vulnerability in FortiOS
History:
- 15/10/2025 - v1.0 - Initial publication
Summary
On October 14, 2025, Fortinet released a security advisory addressing a high-severity vulnerability in its FortiOS product [1].
It is recommended to update affected products.
Technical Details
The vulnerability CVE-2025-58325, with a CVSS score of 7.8, is an Incorrect Provision of Specified Functionality flaw that may allow a local authenticated attacker to execute system commands via crafted CLI commands.
Affected Products
The following product versions are affected:
- FortiOS 6.4
- FortiOS 7.0.0 through 7.0.15
- FortiOS 7.2.0 through 7.2.10
- FortiOS 7.4.0 through 7.4.5
- FortiOS 7.6.0
The following platforms are affected:
100E/101E, 100F/101F, 1100E/1101E, 1800F/1801F, 2200E/2201E, 2600F/2601F, 3300E/3301E, 3400E/3401E, 3500F/3501F, 3600E/3601E, 3800D, 3960E, 3980E, 4200F/4201F, 4400F/4401F, 5001E, 6000F, 7000E, and 7000F
Other models are not affected by this vulnerability.
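One way to triage a device inventory against the version ranges and platform list above, added here as an example and not taken from Fortinet or from this advisory's author. The model-string format (for instance `FortiGate-100F`), the inventory rows, and the handling of 6000F/7000E/7000F as chassis series that need manual review are assumptions.

```python
import re

# Affected FortiOS branches from this advisory: (major, minor) -> highest
# affected patch. "FortiOS 6.4" has no range on the page, so all 6.4.x match.
AFFECTED_RANGES = {(6, 4): None, (7, 0): 15, (7, 2): 10, (7, 4): 5, (7, 6): 0}

# Platform list from this advisory, with pairs like "100E/101E" split up.
AFFECTED_MODELS = set(
    "100E 101E 100F 101F 1100E 1101E 1800F 1801F 2200E 2201E 2600F 2601F "
    "3300E 3301E 3400E 3401E 3500F 3501F 3600E 3601E 3800D 3960E 3980E "
    "4200F 4201F 4400F 4401F 5001E 6000F 7000E 7000F".split()
)
# Assumption: 6000F/7000E/7000F name chassis series, so a four-digit model
# sharing the leading digit and suffix is sent to manual review.
SERIES = {("6", "F"), ("7", "E"), ("7", "F")}


def version_affected(version):
    """True if an x.y.z FortiOS version falls in a listed affected range."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unparseable FortiOS version: {version!r}")
    major, minor, patch = map(int, m.groups())
    if (major, minor) not in AFFECTED_RANGES:
        return False
    last = AFFECTED_RANGES[(major, minor)]
    return last is None or patch <= last


def triage(model, version):
    """Classify one device as 'affected', 'review' or 'not affected'."""
    if not version_affected(version):
        return "not affected"
    m = re.search(r"(\d+)([A-Z])$", model.strip().upper())
    if not m:
        return "review"  # model string not understood; check by hand
    number, suffix = m.groups()
    if number + suffix in AFFECTED_MODELS:
        return "affected"
    if len(number) == 4 and (number[0], suffix) in SERIES:
        return "review"
    return "not affected"


if __name__ == "__main__":
    # Constructed inventory rows (model, running version), not real devices.
    inventory = [("FortiGate-100F", "7.2.10"), ("FortiGate-60F", "7.2.5"),
                 ("FortiGate-6300F", "7.0.3"), ("FortiGate-1800F", "7.4.6")]
    for model, version in inventory:
        print(f"{model:18} {version:8} {triage(model, version)}")
```

A device is reported as affected only when both its version and its platform match the lists; anything marked `review` should be checked against the vendor advisory [1].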
Recommendations
It is recommended to update affected products.