Serial number: AV25-266
Date: May 13, 2025
On May 13, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- FortiCamera 1.1- all versions
- FortiCamera 2.0 – all versions
- FortiCamera 2.1- version 2.1.0 to 2.1.3
- FortiMail - version 7.0.0 to 7.0.8
- FortiMail - version 7.2.0 to 7.2.7
- FortiMail - version 7.4.0 to 7.4.4
- FortiMail - version 7.6.0 to 7.6.2
- FortiNDR - version 1.1 to 1.4
- FortiNDR - version 1.5.0 to 1.5.3
- FortiNDR - version 7.0.0 to 7.0.6
- FortiNDR - version 7.1.0 to 7.1.1
- FortiNDR - version 7.2.0 to 7.2.4
- FortiNDR - version 7.4.0 to 7.4.7
- FortiNDR - version 7.6.0
- FortiOS – version 7.4.4 to 7.4.6
- FortiOS – version 7.6.0
- FortiProxy – version 7.6.0 to 7.6.1
- FortiRecorder - version 6.4.0 to 6.4.5
- FortiRecorder - version 7.0.0 to 7.0.5
- FortiRecorder - version 7.2.0 to 7.2.3
- FortiSwitchManager – version 7.2.5
- FortiVoice - versions 6.4.0 to 6.4.10
- FortiVoice - versions 7.0.0 to 7.0.6
- FortiVoice – versions prior to 7.2.0
Fortinet has indicated that CVE-2025-32756 has been exploited in the wild on FortiVoice.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.