{"id":3240,"date":"2025-05-14T07:12:45","date_gmt":"2025-05-14T06:12:45","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3240"},"modified":"2025-05-14T07:12:45","modified_gmt":"2025-05-14T06:12:45","slug":"fortinet-addresses-zero-day-rce-vulnerability-the-cve-2025-32756-flaw-in-fortivoice-systems-now-patched","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/fortinet-addresses-zero-day-rce-vulnerability-the-cve-2025-32756-flaw-in-fortivoice-systems-now-patched\/","title":{"rendered":"Fortinet Addresses Zero-Day RCE Vulnerability &#8211; The CVE-2025-32756 Flaw in FortiVoice Systems Now Patched"},"content":{"rendered":"<p>execute arbitrary code via specially crafted request,&#8221; Fortinet said in its advising. &#8220;The Meow botnet is actively scanning for vulnerable systems.&#8221;<\/p>\n<p><b>Details Of CVE-2025-32756<\/b><\/p>\n<table>\n<tr>\n<th>Severity<\/th>\n<th>High<\/th>\n<\/tr>\n<tr>\n<td>CVE<\/td>\n<td>CVE-2025-32756<\/td>\n<\/tr>\n<tr>\n<td>CVSS Base Score<\/td>\n<td>9.6 out of 10.0<\/td>\n<\/tr>\n<tr>\n<td>Patch Availability<\/td>\n<td>Available<\/td>\n<\/tr>\n<tr>\n<td>Vulnerable Systems<\/td>\n<td>FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera<\/td>\n<\/tr>\n<\/table>\n<p>This zero-day remote code execution (RCE) flaw, under the identifier CVE-2025-32756, allows remote attackers to execute unauthorised code and commands.<\/p>\n<p>Specifically, a bad actor could potentially exploit this flaw by sending specially crafted requests to the target system.<\/p>\n<p>Given the capacity of FortiVoice systems and their wide application in organizations, the exploitation of this flaw could lead to significant breaches of information security and potential data loss.<\/p>\n<p><b>Fortinet\u2019s Immediate Response<\/b><\/p>\n<p>In reaction to the discovery of this vulnerability, Fortinet responded rapidly with the necessary patches.<\/p>\n<p>The company advised all users of the affected systems to apply patches immediately and ensure that they are running the most recent software updates for comprehensive security.<\/p>\n<p><b>Importance of Patching Vulnerabilities<\/b><\/p>\n<p>Cybersecurity professionals stress the critical importance of promptly patching vulnerabilities, such as CVE-2025-32756.<\/p>\n<p>The discovery and exploitation of these flaws underscore the ever-present need for robust, proactive cybersecurity measures in all digital systems.<\/p>\n<p>Failing to address such vulnerabilities can expose organizations to significant threats, including data breaches and malware attacks.<\/p>\n<p><b>Conclusion<\/b><\/p>\n<p>Vulnerabilities like CVE-2025-32756 pose an imminent threat to the security of virtual systems, emphasizing the criticality of rapid response and patching.<\/p>\n<p>Fortinet customers using the affected devices are highly advised to apply the patches immediately and conduct system audits to ensure no breaches have occurred. <\/p>\n<p><b>Follow-Up Reading<\/b><\/p>\n<ol>\n<li><a href='https:\/\/www.securityweek.com\/vulnerabilities-found-fortinet-fortivoice-ip-phones'>Vulnerabilities Found in Fortinet FortiVoice IP Phones \u2013 SecurityWeek<\/a><\/li>\n<li><a href='https:\/\/www.zdnet.com\/article\/fortinet-patches-security-holes-in-fortivoice\/'>Fortinet Patches Security Holes in FortiVoice \u2013 ZDNet<\/a><\/li>\n<li><a href='https:\/\/threatpost.com\/fortinet-patches-critical-fortivoice-voip-vulnerabilities\/167820\/'>Fortinet Patches Critical FortiVoice VoIP Vulnerabilities \u2013 ThreatPost<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>execute arbitrary code via specially crafted request,&#8221; Fortinet said in its advising. &#8220;The Meow botnet<\/p>\n","protected":false},"author":1,"featured_media":3409,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3240"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3240\/revisions"}],"predecessor-version":[{"id":3410,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3240\/revisions\/3410"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3409"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}