Multiple announcements, including critical vulnerabilities, from Fortinet

Dec, Tue, 2025
nathan
CTC NEWS , Industry News , Mailing List

Two new vulnerabilities, CVE-2025-62631, 5.3 / medium and CVE-2025-59718, 9.1 / critical, were announced today affecting multiple Fortinet products including FortiOS (multiple versions including 7.2.x, 7.4.x and 7.6.x), FortiProxy (multiple versions including 7.2.x, 7.4.x and 7.6.x) and FortiPAM 1.4. It’s worth noting that previous versions (6.x) that are no longer being supported by Fortinet are also affected.

Fortinet has an excellent article on the vulnerabilities and mitigations on the Fortiguard website here and here.

Additional Info

CVE-2025-62631 (medium) – https://nvd.nist.gov/vuln/detail/CVE-2025-62631
CVE-2025-59718 (critical) – https://app.opencve.io/cve/CVE-2025-59718