On January 14, 2026, Fortinet published a critical patch for its FortiSIEM platform to address CVE-2025-64155, a vulnerability that allows unauthenticated attackers to execute code. Rated 9.4 on the CVSS scale, it is an OS command injection flaw in FortiSIEM's phMonitor service: an attacker who can reach that service can execute arbitrary commands remotely and, because of the privileges phMonitor runs with, gain root access on the host.
The flaw affects the Supervisor and Worker nodes of the listed FortiSIEM versions; Fortinet's advisory gives a specific fixed version to upgrade to for each affected branch. Fortinet also fixed a separate vulnerability in FortiFone (CVE-2025-47855, CVSS 9.3) that allows unauthorized access to device settings.
Fortinet advises upgrading to the fixed versions. As a workaround until the upgrade is applied, it recommends restricting access to the phMonitor port (TCP 7900) to trusted hosts. Since the Supervisor, Worker and Collector nodes communicate over this port, the restriction must still allow those nodes to reach each other while blocking every other source.
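The following is an added example of that workaround, not Fortinet's own tooling or published guidance: it generates iptables rules that confine TCP/7900 to an allowlist of FortiSIEM node addresses and prints them for review rather than applying them. The node addresses, the chain name PHMONITOR and the helper names are constructed placeholders, not values from the advisory.

```shell
#!/bin/sh
# Added example (not Fortinet's code): interim network restriction for phMonitor
# (TCP/7900) while CVE-2025-64155 is being patched. Rules are printed, not applied,
# so they can be reviewed first. Addresses below are constructed placeholders.

PHMON_PORT=7900
# Hypothetical addresses of the Supervisor, a Worker and a Collector that must keep
# reaching phMonitor on this node. Every other source is dropped.
ALLOWED_NODES="10.10.0.10 10.10.0.11 10.10.0.20"

# Print the rules. A dedicated chain keeps the allowlist in one place, and the jump
# into it is inserted at the top of INPUT so an existing broad ACCEPT cannot shadow it.
# The final line uses -C (check) so re-running the script does not duplicate the jump.
phmonitor_rules() {
  printf 'iptables -N PHMONITOR 2>/dev/null || iptables -F PHMONITOR\n'
  for node in $ALLOWED_NODES; do
    printf 'iptables -A PHMONITOR -s %s -p tcp --dport %s -j ACCEPT\n' "$node" "$PHMON_PORT"
  done
  printf 'iptables -A PHMONITOR -p tcp --dport %s -j DROP\n' "$PHMON_PORT"
  printf 'iptables -C INPUT -p tcp --dport %s -j PHMONITOR 2>/dev/null || iptables -I INPUT 1 -p tcp --dport %s -j PHMONITOR\n' "$PHMON_PORT" "$PHMON_PORT"
}

# Model the chain's decision for one source address without touching the kernel:
# prints ACCEPT (exit 0) for an allowlisted node, DROP (exit 1) for anything else.
# Useful for confirming the allowlist before applying the rules to a production node.
phmonitor_verdict() {
  for node in $ALLOWED_NODES; do
    if [ "$1" = "$node" ]; then
      echo ACCEPT
      return 0
    fi
  done
  echo DROP
  return 1
}
```

After checking the allowlist with `phmonitor_verdict <address>` for each FortiSIEM node, apply the rules on the target node with `phmonitor_rules | sh` and persist them with the distribution's usual iptables-save mechanism; the firewall rules are a stopgap only, and the upgrade to a fixed version remains the actual remediation.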