Fortinet Releases Security Updates to Fix Multiple Vulnerabilities
Fortinet has issued security patches to resolve several vulnerabilities across its product lineup, including FortiOS, FortiAnalyzer, FortiProxy, and FortiWeb systems.
The company’s Product Security Incident Response Team (PSIRT) published advisories detailing flaws ranging from privilege escalation to command injection that could place enterprise networks at risk.
Most Critical Vulnerability: CVE-2023-42788
The most severe vulnerability disclosed is CVE-2023-42788, an OS command injection flaw affecting FortiAnalyzer, FortiManager, and related products. This high-severity issue allows users with “System Settings” privileges to execute arbitrary commands via specially crafted diagnostic parameters, potentially granting root shell access to attackers.
This vulnerability affects FortiAnalyzer versions 7.4.0 and 7.2.0 through 7.2.3, as well as FortiManager and FortiAnalyzer-BigData systems.
SSL-VPN Vulnerabilities in FortiOS
Three SSL-VPN vulnerabilities have also been addressed:
- CVE-2024-50562: A medium-severity flaw involving insufficient session expiration, which could allow attackers to retain unauthorized access using persistent cookies.
- CVE-2025-25250: An information disclosure vulnerability that exposes sensitive data through the SSL-VPN endpoint.
- CVE-2025-22251: A communication channel flaw in the FortiGate Security Processor that could enable improper access.
These vulnerabilities impact various FortiOS versions, including 7.6.0 and several 7.4.x releases, along with FortiSASE cloud platforms. Given Fortinet’s previous SSL-VPN issues like CVE-2024-21762 that were exploited in the wild, timely patching is essential.
Additional Vulnerabilities Fixed
Fortinet also resolved the following:
- CVE-2025-22254: A medium-severity privilege escalation flaw in the GUI websocket module affecting FortiOS, FortiProxy, and FortiWeb.
- CVE-2025-22862: An authentication bypass vulnerability in the automation-stitch feature of FortiOS and FortiProxy.
- CVE-2023-29184: An issue where SSH keys are not removed properly if an operation is aborted.
- CVE-2024-50568: A weak authentication flaw in the security fabric daemon.
- CVE-2025-24471: A certificate validation vulnerability that could allow EAP authentication using revoked certificates.
Fortinet urges all users to review the relevant advisories and apply patches without delay. In light of ongoing threats and the company’s past vulnerabilities being actively exploited, these updates are considered critical.
System administrators are advised to monitor logs for suspicious activity and strengthen oversight for affected components while scheduling necessary upgrades.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
