Aggregator
CVE-2023-51550 | Foxit PDF Reader combobox out-of-bounds (ZDI-23-1864)
CVE-2024-20344 | Cisco Unified Computing System 6400/6500 Intersight Managed Mode resource consumption (cisco-sa-ucsfi-imm-syn-p6kZTDQC)
CVE-2024-20354 | Cisco Aironet Access Point cleanup (cisco-sa-airo-ap-dos-PPPtcVW)
CVE-2024-31047 | Academy Software Foundation OpenEXR up to 3.2.3 exrmultipart.cpp convert denial of service (Issue 1680 / Nessus ID 242802)
CVE-2023-42124 | Avast Premium Security sandbox (ZDI-23-1475)
CVE-2023-32157 | Tesla Model 3 4.23/2020.4.10/2022.16.0.3/2022.28/2023.12 bsa_server heap-based overflow
CVE-2003-0466 | BSD Libc up to 10.2.6 realpath off-by-one (VU#743092 / EDB-22976)
Rethinking Embedded IoT Security: Why Traditional IT Protections Fall Short
In an era where billions of connected devices form the nervous system of critical infrastructure, embedded IoT systems have become prime targets for cybercriminals, particularly given their enormous collective attack surface. IoT Analytics projects that the number of connected IoT devices will reach 18.8 billion by the end of 2024, up from approximately 16.6 billion..
The post Rethinking Embedded IoT Security: Why Traditional IT Protections Fall Short appeared first on Security Boulevard.
From 70% to 13%: Google has improved Linux kernel protection, but it still slows down the system
Futurum Signal: Real-Time Market Intelligence for Cyber Defenders
In cybersecurity, speed is survival. When adversaries are moving at machine speed—launching AI-powered attacks, exploiting zero-days within hours of disclosure, and shifting tactics on the fly—you can’t afford to be making decisions based on a report that’s three months old. And yet, that’s exactly what much of the security industry has been doing for decades—relying..
The post Futurum Signal: Real-Time Market Intelligence for Cyber Defenders appeared first on Security Boulevard.
Efimer Trojan Steals Crypto, Hacks WordPress Sites via Torrents and Phishing
August Patch Tuesday includes blasts from the (recent) past
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
Exploit code is reportedly available for a critical command injection vulnerability affecting Fortinet FortiSIEM devices.
Background
On August 12, Fortinet published a security advisory (FG-IR-25-152) for CVE-2025-25256, a critical command injection vulnerability affecting Fortinet FortiSIEM.

| CVE | Description | CVSSv3 |
|---|---|---|
| CVE-2025-25256 | Fortinet FortiSIEM Command Injection Vulnerability | 9.8 |

Analysis
CVE-2025-25256 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. A remote, unauthenticated attacker can exploit this flaw to execute arbitrary code using specially crafted requests.
According to the advisory, exploitation of this flaw does not “produce distinctive” indicators of compromise (IoCs). As such, it may be difficult to identify that a device has been compromised.
Historical Exploitation of Fortinet Devices
Fortinet vulnerabilities have historically been common targets for cyber attackers, with 20 CVEs currently on the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) list. The following table outlines some of the most impactful Fortinet vulnerabilities in recent years.

| CVE | Description | Patched | Tenable Blog |
|---|---|---|---|
| CVE-2025-32756 | Fortinet FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera Arbitrary Code Execution Vulnerability | May 2025 | CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild |
| CVE-2024-55591 | Fortinet Authentication Bypass in FortiOS and FortiProxy | January 2025 | CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild |
| CVE-2024-21762 | Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd | February 2024 | CVE-2024-21762: Critical Fortinet FortiOS Out-of-Bound Write SSL VPN Vulnerability |
| CVE-2023-27997 | FortiOS and FortiProxy Heap-Based Buffer Overflow Vulnerability | June 2023 | CVE-2023-27997: Heap-Based Buffer Overflow in Fortinet FortiOS and FortiProxy SSL-VPN (XORtigate) |
| CVE-2022-42475 | FortiOS and FortiProxy Heap-Based Buffer Overflow Vulnerability | December 2022 | CVE-2022-42475: Fortinet Patches Zero Day in FortiOS SSL VPNs; AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 |
| CVE-2022-40684 | FortiOS and FortiProxy Authentication Bypass Vulnerability | October 2022 | CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy |

Proof of concept
At the time the advisory was published by Fortinet on August 12, they warned that “practical exploit code” had been found in the wild, though they did not provide a link to the exploit. Tenable Research has attempted to identify a functional proof-of-concept (PoC) for this flaw; however, we have not successfully located one as of the time this blog was published.
Solution
The following table details the affected and fixed versions of Fortinet devices for CVE-2025-25256:

| Product Version | Affected Range | Fixed Version |
|---|---|---|
| FortiSIEM 5.4 | All Versions of 5.4 | Migrate to a fixed release |
| FortiSIEM 6.1 | All Versions of 6.1 | Migrate to a fixed release |
| FortiSIEM 6.2 | All Versions of 6.2 | Migrate to a fixed release |
| FortiSIEM 6.3 | All Versions of 6.3 | Migrate to a fixed release |
| FortiSIEM 6.4 | All Versions of 6.4 | Migrate to a fixed release |
| FortiSIEM 6.5 | All Versions of 6.5 | Migrate to a fixed release |
| FortiSIEM 6.6 | All Versions of 6.6 | Migrate to a fixed release |
| FortiSIEM 6.7 | 6.7.0 through 6.7.9 | 6.7.10 or above |
| FortiSIEM 7.0 | 7.0.0 through 7.0.3 | 7.0.4 or above |
| FortiSIEM 7.1 | 7.1.0 through 7.1.7 | 7.1.8 or above |
| FortiSIEM 7.2 | 7.2.0 through 7.2.5 | 7.2.6 or above |
| FortiSIEM 7.3 | 7.3.0 through 7.3.1 | 7.3.2 or above |
| FortiSIEM 7.4 | Not Affected | Not Applicable |

Fortinet’s security advisory recommends limiting access to the phMonitor port (7900) if immediate patching cannot be performed. We strongly recommend reviewing the advisory for updates as well as the latest on mitigation or indicators of compromise (IoCs).
Identifying affected systems
A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2025-25256 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.
Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Fortinet devices by using the following subscription:
Get more information
Join Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array of products, including key creative tools and enterprise solutions. These patches primarily focus on out-of-bounds read and write issues, use-after-free errors, and arbitrary code execution risks, many of which carry high severity ratings due to […]
The post Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.