Fortinet patches critical FortiSIEM flaw enabling unauthenticated remote code execution

January 14, 2026 at 03:02 PM

•

1 min read

Fortinet patches critical FortiSIEM flaw enabling unauthenticated remote code execution — Photo: The Hacker News

TL;DR Summary

Fortinet released patches for FortiSIEM to fix CVE-2025-64155, an unauthenticated OS command injection that could let an attacker execute code via crafted requests to the phMonitor service on port 7900, potentially enabling a reverse shell and root-level control. The flaw affects multiple FortiSIEM versions; users should upgrade to fixed releases or restrict access to port 7900 as a workaround. The advisory also patches a separate FortiFone vulnerability (CVE-2025-47855).

Topics:technology #cve-2025-64155 #fortinet #fortisiem #os-command-injection #remote-code-execution #security

Share this article

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution The Hacker News
FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code Cyber Security News
Fortinet closes security vulnerabilities in FortiOS, FortiSIEM, and more heise online
Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM SecurityWeek
MS-ISAC Warns Of Fortinet Vulnerabilities And Code Risks The Cyber Express

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

87%

543 → 68 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights