How severe is CVE-2025-64155?

CVE-2025-64155 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-64155

Name: fortisiem
Author: fortinet

9.8CRITICAL

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, F

Veröffentlicht: 1/13/2026Aktualisiert: 1/14/2026

Beschreibung

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.

KI-AnalyseKI-gestützt

Betroffene Produkte

fortinetfortisiem

7.4.0

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-25-772
Vendor Advisory
https://github.com/horizon3ai/CVE-2025-64155
ExploitThird Party Advisory