Fortinet security advisory (AV25-266)

Serial number: AV25-266
Date: May 13, 2025

On May 13, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

  • FortiCamera 1.1- all versions
  • FortiCamera 2.0 – all versions
  • FortiCamera 2.1- version 2.1.0 to 2.1.3
  • FortiMail - version 7.0.0 to 7.0.8
  • FortiMail - version 7.2.0 to 7.2.7
  • FortiMail - version 7.4.0 to 7.4.4
  • FortiMail - version 7.6.0 to 7.6.2
  • FortiNDR - version 1.1 to 1.4
  • FortiNDR - version 1.5.0 to 1.5.3
  • FortiNDR - version 7.0.0 to 7.0.6
  • FortiNDR - version 7.1.0 to 7.1.1
  • FortiNDR - version 7.2.0 to 7.2.4
  • FortiNDR - version 7.4.0 to 7.4.7
  • FortiNDR - version 7.6.0
  • FortiOS – version 7.4.4 to 7.4.6
  • FortiOS – version 7.6.0
  • FortiProxy – version 7.6.0 to 7.6.1
  • FortiRecorder - version 6.4.0 to 6.4.5
  • FortiRecorder - version 7.0.0 to 7.0.5
  • FortiRecorder - version 7.2.0 to 7.2.3
  • FortiSwitchManager – version 7.2.5
  • FortiVoice - versions 6.4.0 to 6.4.10
  • FortiVoice - versions 7.0.0 to 7.0.6
  • FortiVoice – versions prior to 7.2.0

Fortinet has indicated that CVE-2025-32756 has been exploited in the wild on FortiVoice.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

Date modified: