Critical FortiOS/FortiSwitchManager flaw enables remote code execution

Fortinet disclosed a critical heap-based buffer overflow vulnerability in the cw_acd daemon of FortiOS and FortiSwitchManager that allows remote, unauthenticated attackers to execute arbitrary code by sending specially crafted requests. Fortinet has issued advisories and patches across multiple FortiOS branches, FortiSASE, and FortiSwitchManager, and urges immediate upgrades to mitigate the risk of full-system compromise (no CVE assigned yet). Until the patches are applied, mitigations include disabling fabric access on interfaces and blocking CAPWAP-CONTROL traffic (UDP ports 5246–5249) via local-in policies, along with monitoring cw_acd activity and segmenting management interfaces.
- FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code (Cyber Security News)
- MS-ISAC Warns Of Fortinet Vulnerabilities And Code Risks (The Cyber Express)
- Fortinet closes security vulnerabilities in FortiOS, FortiSIEM, and more (heise online)
- CVE-2025-25249: Remote Code Execution Vulnerability in FortiOS and FortiSwitchManager (Arctic Wolf)
- FortiOS and FortiSwitchManager Flaw Allows Remote Code Execution (gbhackers.com)
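
An added example, not from Fortinet or the articles above: a small Python audit of a FortiOS configuration backup that lists every interface with fabric access enabled and marks whether a local-in deny policy covers CAPWAP-CONTROL on it. The sample configuration is constructed, and the check assumes the blocking service object is named CAPWAP-CONTROL and that a local-in policy with no "set action" line uses the default action, deny.

```python
import re

# Constructed sample in FortiOS "show" style (not from the page or a real device).
SAMPLE = '''config system interface
    edit "port1"
        set allowaccess ping https fabric
    next
    edit "port2"
        set allowaccess ping fabric
    next
end
config firewall local-in-policy
    edit 1
        set intf "port2"
        set srcaddr "all"
        set service "CAPWAP-CONTROL"
    next
end'''

def parse(text):
    """Top-level config blocks -> {section: {entry: {key: [values]}}}."""
    cfg, section, entry, depth = {}, None, None, 0
    for line in text.splitlines():
        tok = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', line)] or [""]
        if tok[0] == "config":
            depth += 1
            if depth == 1:
                section, entry = " ".join(tok[1:]), None
        elif tok[0] == "end":
            depth -= 1
        elif depth == 1 and tok[0] == "edit":
            entry = cfg.setdefault(section, {}).setdefault(tok[1], {})
        elif depth == 1 and tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
    return cfg

def audit(text, service="CAPWAP-CONTROL"):
    """Map each interface that allows 'fabric' to 'filtered' or 'exposed'."""
    cfg = parse(text)
    # Assumption: a local-in policy without "set action" uses the default, deny.
    denied = {i for p in cfg.get("firewall local-in-policy", {}).values()
              if p.get("action", ["deny"]) == ["deny"] and p.get("srcaddr") == ["all"]
              and service in p.get("service", []) for i in p.get("intf", [])}
    return {n: "filtered" if {n, "any"} & denied else "exposed"
            for n, kv in cfg.get("system interface", {}).items()
            if "fabric" in kv.get("allowaccess", [])}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An interface reported as "exposed" still accepts fabric (CAPWAP) traffic with no catch-all deny in front of it; "filtered" means a deny from all sources exists, which any accept policy for known peers must precede.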