Vulnerability Details CVE-2025-32756
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.069
EPSS Ranking 90.9%
CVSS Severity
CVSS v3 Score 9.8
Proposed Action
Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.
Ransomware Campaign
Unknown
Products affected by CVE-2025-32756
-
cpe:2.3:a:fortinet:fortimail:*
-
cpe:2.3:a:fortinet:fortimail:7.0.0
-
cpe:2.3:a:fortinet:fortimail:7.0.1
-
cpe:2.3:a:fortinet:fortimail:7.0.2
-
cpe:2.3:a:fortinet:fortimail:7.0.3
-
cpe:2.3:a:fortinet:fortimail:7.0.4
-
cpe:2.3:a:fortinet:fortimail:7.0.5
-
cpe:2.3:a:fortinet:fortimail:7.0.6
-
cpe:2.3:a:fortinet:fortimail:7.0.7
-
cpe:2.3:a:fortinet:fortimail:7.0.8
-
cpe:2.3:a:fortinet:fortimail:7.2.0
-
cpe:2.3:a:fortinet:fortimail:7.2.1
-
cpe:2.3:a:fortinet:fortimail:7.2.2
-
cpe:2.3:a:fortinet:fortimail:7.2.3
-
cpe:2.3:a:fortinet:fortimail:7.2.4
-
cpe:2.3:a:fortinet:fortimail:7.2.5
-
cpe:2.3:a:fortinet:fortimail:7.2.6
-
cpe:2.3:a:fortinet:fortimail:7.2.7
-
cpe:2.3:a:fortinet:fortimail:7.4.0
-
cpe:2.3:a:fortinet:fortimail:7.4.1
-
cpe:2.3:a:fortinet:fortimail:7.4.2
-
cpe:2.3:a:fortinet:fortimail:7.4.3
-
cpe:2.3:a:fortinet:fortindr:1.1.0
-
cpe:2.3:a:fortinet:fortindr:1.2.0
-
cpe:2.3:a:fortinet:fortindr:1.3.0
-
cpe:2.3:a:fortinet:fortindr:1.4.0
-
cpe:2.3:a:fortinet:fortindr:1.5.0
-
cpe:2.3:a:fortinet:fortindr:7.0.0
-
cpe:2.3:a:fortinet:fortindr:7.1.0
-
cpe:2.3:a:fortinet:fortindr:7.1.1
-
cpe:2.3:a:fortinet:fortindr:7.2.0
-
cpe:2.3:a:fortinet:fortindr:7.2.1
-
cpe:2.3:a:fortinet:fortindr:7.4.0
-
cpe:2.3:a:fortinet:fortindr:7.6.0
-
cpe:2.3:a:fortinet:fortirecorder:6.4.0
-
cpe:2.3:a:fortinet:fortirecorder:6.4.1
-
cpe:2.3:a:fortinet:fortirecorder:6.4.2
-
cpe:2.3:a:fortinet:fortirecorder:6.4.3
-
cpe:2.3:a:fortinet:fortirecorder:6.4.4
-
cpe:2.3:a:fortinet:fortirecorder:6.4.5
-
cpe:2.3:a:fortinet:fortirecorder:7.0.0
-
cpe:2.3:a:fortinet:fortirecorder:7.0.1
-
cpe:2.3:a:fortinet:fortirecorder:7.0.2
-
cpe:2.3:a:fortinet:fortirecorder:7.0.3
-
cpe:2.3:a:fortinet:fortirecorder:7.0.4
-
cpe:2.3:a:fortinet:fortirecorder:7.0.5
-
cpe:2.3:a:fortinet:fortirecorder:7.2.0
-
cpe:2.3:a:fortinet:fortirecorder:7.2.1
-
cpe:2.3:a:fortinet:fortirecorder:7.2.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.0
-
cpe:2.3:a:fortinet:fortivoice:6.4.1
-
cpe:2.3:a:fortinet:fortivoice:6.4.10
-
cpe:2.3:a:fortinet:fortivoice:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.3
-
cpe:2.3:a:fortinet:fortivoice:6.4.4
-
cpe:2.3:a:fortinet:fortivoice:6.4.5
-
cpe:2.3:a:fortinet:fortivoice:6.4.6
-
cpe:2.3:a:fortinet:fortivoice:6.4.7
-
cpe:2.3:a:fortinet:fortivoice:6.4.8
-
cpe:2.3:a:fortinet:fortivoice:6.4.9
-
cpe:2.3:a:fortinet:fortivoice:7.0.0
-
cpe:2.3:a:fortinet:fortivoice:7.0.1
-
cpe:2.3:a:fortinet:fortivoice:7.0.4
-
cpe:2.3:a:fortinet:fortivoice:7.0.5
-
cpe:2.3:a:fortinet:fortivoice:7.2.0
-
cpe:2.3:h:fortinet:forticamera:-
-
cpe:2.3:o:fortinet:forticamera_firmware:*