{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-32756", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2025-04-10T08:12:12.347Z", "datePublished": "2025-05-13T14:46:44.208Z", "dateUpdated": "2025-05-13T15:15:39.829Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiVoice", "cpes": ["cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "7.2.0", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.6", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.10", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiRecorder", "cpes": ["cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.3", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.5", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.5", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiMail", "cpes": ["cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.2", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.4", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.7", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.8", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiNDR", "cpes": [], "defaultStatus": "unaffected", "versions": [{"version": "7.6.0", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.7", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.4", "status": "affected"}, {"versionType": "semver", "version": "7.1.0", "lessThanOrEqual": "7.1.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.6", "status": "affected"}, {"versionType": "semver", "version": "1.5.0", "lessThanOrEqual": "1.5.3", "status": "affected"}, {"version": "1.4.0", "status": "affected"}, {"versionType": "semver", "version": "1.3.0", "lessThanOrEqual": "1.3.1", "status": "affected"}, {"version": "1.2.0", "status": "affected"}, {"version": "1.1.0", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiCamera", "cpes": ["cpe:2.3:a:fortinet:forticamera:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "2.1.0", "lessThanOrEqual": "2.1.3", "status": "affected"}, {"version": "2.0.0", "status": "affected"}, {"versionType": "semver", "version": "1.1.0", "lessThanOrEqual": "1.1.5", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-05-13T14:46:44.208Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-121", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiVoice version 7.2.1 or above \nPlease upgrade to FortiVoice version 7.0.7 or above \nPlease upgrade to FortiVoice version 6.4.11 or above \nPlease upgrade to FortiRecorder version 7.2.4 or above \nPlease upgrade to FortiRecorder version 7.0.6 or above \nPlease upgrade to FortiRecorder version 6.4.6 or above \nPlease upgrade to FortiMail version 7.6.3 or above \nPlease upgrade to FortiMail version 7.4.5 or above \nPlease upgrade to FortiMail version 7.2.8 or above \nPlease upgrade to FortiMail version 7.0.9 or above \nPlease upgrade to FortiNDR version 7.6.1 or above \nPlease upgrade to FortiNDR version 7.4.8 or above \nPlease upgrade to FortiNDR version 7.2.5 or above \nPlease upgrade to FortiNDR version 7.0.7 or above \nPlease upgrade to FortiCamera version 2.1.4 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-13T15:15:33.068292Z", "id": "CVE-2025-32756", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T15:15:39.829Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-32756", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-13T15:15:33.068292Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T15:15:36.229Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiVoice", "versions": [{"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.6"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.10"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiRecorder", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.3"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.5"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.5"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiMail", "versions": [{"status": "affected", "version": "7.6.0", "versionType": "semver", "lessThanOrEqual": "7.6.2"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.4"}, {"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.7"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.8"}], "defaultStatus": "unaffected"}, {"cpes": [], "vendor": "Fortinet", "product": "FortiNDR", "versions": [{"status": "affected", "version": "7.6.0"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.7"}, {"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.4"}, {"status": "affected", "version": "7.1.0", "versionType": "semver", "lessThanOrEqual": "7.1.1"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.6"}, {"status": "affected", "version": "1.5.0", "versionType": "semver", "lessThanOrEqual": "1.5.3"}, {"status": "affected", "version": "1.4.0"}, {"status": "affected", "version": "1.3.0", "versionType": "semver", "lessThanOrEqual": "1.3.1"}, {"status": "affected", "version": "1.2.0"}, {"status": "affected", "version": "1.1.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:fortinet:forticamera:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:forticamera:1.1.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiCamera", "versions": [{"status": "affected", "version": "2.1.0", "versionType": "semver", "lessThanOrEqual": "2.1.3"}, {"status": "affected", "version": "2.0.0"}, {"status": "affected", "version": "1.1.0", "versionType": "semver", "lessThanOrEqual": "1.1.5"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiVoice version 7.2.1 or above \nPlease upgrade to FortiVoice version 7.0.7 or above \nPlease upgrade to FortiVoice version 6.4.11 or above \nPlease upgrade to FortiRecorder version 7.2.4 or above \nPlease upgrade to FortiRecorder version 7.0.6 or above \nPlease upgrade to FortiRecorder version 6.4.6 or above \nPlease upgrade to FortiMail version 7.6.3 or above \nPlease upgrade to FortiMail version 7.4.5 or above \nPlease upgrade to FortiMail version 7.2.8 or above \nPlease upgrade to FortiMail version 7.0.9 or above \nPlease upgrade to FortiNDR version 7.6.1 or above \nPlease upgrade to FortiNDR version 7.4.8 or above \nPlease upgrade to FortiNDR version 7.2.5 or above \nPlease upgrade to FortiNDR version 7.0.7 or above \nPlease upgrade to FortiCamera version 2.1.4 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254"}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Execute unauthorized code or commands"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-05-13T14:46:44.208Z"}}}, "cveMetadata": {"cveId": "CVE-2025-32756", "state": "PUBLISHED", "dateUpdated": "2025-05-13T15:15:39.829Z", "dateReserved": "2025-04-10T08:12:12.347Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-05-13T14:46:44.208Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie."}], "id": "CVE-2025-32756", "lastModified": "2025-05-13T19:35:18.080", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2025-05-13T15:15:57.113", "references": [{"source": "psirt@fortinet.com", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-254"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}