Fortinet security advisory (AV25-406) - Update 2

Serial number: AV25-406
Date: July 8, 2025

Updated: July 18, 2025

On July 8, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

  • FortiAnalyzer – multiple versions
  • FortiAnalyzer Cloud – multiple versions
  • FortiIsolator – multiple versions
  • FortiManager – multiple versions
  • FortiManager Cloud – multiple versions
  • FortiOS 7.6 – versions 7.6.0 to 7.6.1
  • FortiOS 7.4 – versions 7.4.0 to 7.4.7
  • FortiOS 7.2 – versions 7.2.0 to 7.2.11
  • FortiOS 7.0 – versions 7.0.1 to 7.0.16
  • FortiProxy 7.6 – versions 7.6.0 to 7.6.1
  • FortiProxy 7.4 – versions 7.4.0 to 7.4.8
  • FortiProxy 7.2 – versions 7.2.0 to 7.2.13
  • FortiProxy 7.0 – versions 7.0.0 to 7.0.20
  • FortiSandbox – multiple versions
  • FortiVoice 6.4 – versions 6.4.0 to 6.4.10
  • FortiVoice 7.0 – versions 7.0.0 to 7.0.6
  • FortiVoice 7.2 – version 7.2.0
  • FortiWeb – multiple versions

Update 2

On July 18, 2025, CISA added CVE-2025-25257 to their Known Exploited Vulnerabilities (KEV) Catalog.

On July 18, 2025, Fortinet updated their advisory to indicate that this vulnerability has been exploited.

Update 1

CVE-2025-25257: Unauthenticated SQL injection in GUI affecting:

  • FortiWeb 7.6 – versions 7.6.0 to 7.6.3
  • FortiWeb 7.4 – versions 7.4.0 to 7.4.7
  • FortiWeb 7.2 – versions 7.2.0 to 7.2.10
  • FortiWeb 7.0 – versions 7.0.0 to 7.0.10