CVE-2025-64155 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through…
Critical CVSS: 9.8

CVE-2025-64155

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.
Vendor
Fortinet
Product
Fortisiem
CWE
CWE-78
Yayın Tarihi
2026-01-13 17:15:58
Güncelleme
2026-01-20 16:16:06
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-78 Fortisiem CRITICAL Fortinet 2026

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-25-772 https://github.com/horizon3ai/CVE-2025-64155 https://github.com/purehate/CVE-2025-64155-hunter