{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T11:42:51.857","vulnerabilities":[{"cve":{"id":"CVE-2025-25256","sourceIdentifier":"psirt@fortinet.com","published":"2025-08-12T19:15:28.683","lastModified":"2025-08-15T18:15:27.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests."},{"lang":"es","value":"Una vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando del SO ('OS Command Injection') [CWE-78] en Fortinet FortiSIEM versión 7.3.0 a 7.3.1, 7.2.0 a 7.2.5, 7.1.0 a 7.1.7, 7.0.0 a 7.0.3 y anteriores a 6.7.9 permite que un atacante no autenticado ejecute código o comandos no autorizados a través de solicitudes CLI manipuladas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.0","versionEndExcluding":"6.7.10","matchCriteriaId":"AE219A7C-15F6-42F1-8A2E-2D9C2D182F47"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.4","matchCriteriaId":"C19909A4-227B-460D-B1EF-5115B8DB0CF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.1.8","matchCriteriaId":"119827CE-B8BF-4418-830F-B87CA0305265"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.6","matchCriteriaId":"8DBF861B-B200-40BA-86A3-51E90F3DCF04"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.3.2","matchCriteriaId":"0A631305-1FA5-4CE8-B180-DC4BD6467A2F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-25-152","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://www.theregister.com/2025/08/13/fortinet_discloses_critical_bug/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://labs.watchtowr.com/should-security-solutions-be-secure-maybe-were-all-wrong-fortinet-fortisiem-pre-auth-command-injection-cve-2025-25256/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}