FortiOS CLI Command Bypass Vulnerability

Published on: October 16, 2025

Overview:

Fortinet has disclosed a high-severity vulnerability in FortiOS, the operating system powering FortiGate firewalls and VPN devices. Identified as CVE-2025-58325, this flaw allows an authenticated attacker with CLI access to bypass command restrictions and potentially gain full system control.

This vulnerability poses a serious risk to network security infrastructure, especially in environments where FortiGate appliances are exposed to internal or remote administrative access.

CVE Details:

CVE: CVE-2025-58325
Severity: High
Base Score: 7.8

Who Is Impacted:

Organizations or individuals using Fortinet FortiGate devices that run vulnerable versions of FortiOS are impacted by this vulnerability.

  • Any environment with FortiGate devices granting CLI access to administrators.
  • Affected FortiOS branches include: 7.6.x (specifically 7.6.0), 7.4.x, 7.2.x, 7.0.x, and all FortiOS 6.4.x versions.

    Note: Cloud-managed Fortinet services (such as FortiCloud-managed firewalls) are not impacted by this vulnerability.

How it impacts:

  • Attack vector:

CVE-2025-58325 is a local privilege escalation vulnerability in the FortiOS Command Line Interface (CLI). It allows an attacker with existing administrative access to bypass built-in command restrictions and gain full control over the system.

Impact:

An attacker who gains full control of the system could:

  • Install a persistent backdoor.
  • Disable logs or security rules.
  • Redirect or capture network traffic.
  • Initiate system disruption or sabotage.

Targeted Products and Fixed Versions:

FortiOS Branch    Affected Versions    Fixed Version
7.6.x             7.6.0                7.6.1
7.4.x             7.4.0 – 7.4.5        7.4.6
7.2.x             7.2.5 – 7.2.10       7.2.11
7.0.x             7.0.0 – 7.0.15       7.0.16

Note: 6.4.x is End-of-Life; no patches will be available. Migration is mandatory for continued security.
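
To triage a device inventory against the table above, the following added example (not part of the original advisory or any Fortinet tooling) classifies each FortiOS version string by numeric comparison, since a plain string comparison would sort 7.2.10 before 7.2.5. The inventory entries, host names and the `parse_version`/`triage` helpers are constructed for illustration, and treating releases newer than the last affected one as fixed is an assumption.

```python
import re

# (first affected, last affected, fixed version) per branch, from the table above.
AFFECTED = {
    (7, 6): ((7, 6, 0), (7, 6, 0), "7.6.1"),
    (7, 4): ((7, 4, 0), (7, 4, 5), "7.4.6"),
    (7, 2): ((7, 2, 5), (7, 2, 10), "7.2.11"),
    (7, 0): ((7, 0, 0), (7, 0, 15), "7.0.16"),
}
EOL_BRANCHES = {(6, 4)}  # all 6.4.x versions affected, no patch will be released
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract (major, minor, patch) from a bare version or a longer status line."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(text):
    """Return (status, action) for one device's version string."""
    ver = parse_version(text)
    branch = ver[:2]
    if branch in EOL_BRANCHES:
        return "affected-eol", "migrate to a supported branch"
    if branch not in AFFECTED:
        return "not-listed", "branch is not covered by this advisory"
    low, high, fixed = AFFECTED[branch]
    if ver < low:  # tuple comparison is numeric: (7, 2, 4) < (7, 2, 5)
        return "below-range", "older than the listed range; check the vendor advisory"
    if ver <= high:
        return "affected", f"upgrade to {fixed}"
    # Assumption: releases after the last affected one in a branch carry the fix.
    return "fixed", "no action"

# Constructed inventory: host name -> version string as recorded by the operator.
INVENTORY = {
    "fw-edge-01": "Version: FortiGate-100F v7.2.10,build0000 (constructed)",
    "fw-edge-02": "7.2.11",
    "fw-branch-01": "v7.4.5",
    "fw-lab-01": "6.4.14",
    "fw-dc-01": "7.6.0",
}

if __name__ == "__main__":
    for host, line in INVENTORY.items():
        status, action = triage(line)
        print(f"{host:14} {status:13} {action}")
```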

Recommendations:

  • Patch Immediately - Upgrade all affected FortiGate devices to a fixed version as listed above.
  • Restrict CLI and administrative access to trusted personnel only, following the principle of least privilege.
  • Enforce Multi-Factor Authentication (MFA) on all administrative accounts to strengthen access security.

Reference Links:

https://cybersecuritynews.com/fortios-cli-command-bypass-vulnerability/

https://nvd.nist.gov/vuln/detail/CVE-2025-58325