Fortinet Vulnerabilities 12/2025
Our experts keep you up-to-date on critical cyber threats (CVEs)
Fortinet has confirmed a critical vulnerability within FortiProxy and FortiSwitch Manager, potentially impacting multiple Fortinet products. This vulnerability could allow attackers to gain unauthorised access to vulnerable systems.
Fortinet Vulnerabilities 12/2025
What is going on?
Fortinet has confirmed a critical vulnerability within FortiOS, FortiProxy and FortiSwitch Manager, potentially impacting multiple Fortinet products. This vulnerability could allow attackers unauthorised access to vulnerable systems.
- CVE IDs: CVE-2025-59718 and CVE-2025-59719
- CVSS score: 9.1 (Critical)
- More info: https://www.fortiguard.com/psirt/FG-IR-25-647
Take action
Fortinet has fixed the vulnerabilities in the firmware versions below:
FortiOS
- 7.0.18 or higher
- 7.2.12 or higher
- 7.4.9 or higher
FortiProxy
- 7.2.15 or higher
- 7.4.11 or higher
- 7.6.4 or higher
FortiSwitch Manager
- 7.0.6 or higher
- 7.2.7 or higher
FortiWeb
- 7.4.10 or higher
- 7.6.5 or higher
- 8.0.1 or higher
These releases have been available for some time, so if your system is running on one of the above versions, you are in good shape.
Are you not yet on these versions? If so, we recommend installing the latest firmware as soon as possible. In the meantime, check out Fortinet's recommended workaround asap: https://www.fortiguard.com/psirt/FG-IR-25-647
What does VanRoey do?
We'll schedule a Managed Services customers need do nothing: their environment has already been thoroughly scanned and updated where necessary.
Don't have a service contract and would like support with updates? Then please contact our support team via support@vanroey.be
.
Can't create tickets? Ask here to get an account. If our Engineer needs to remotely control your PC, he or she will ask you to run this software .
