BeyondMachines for BeyondMachines

Originally published at beyondmachines.net

Fortinet FortiManager vulnerability allows remote command execution

Summary

Fortinet has patched a high-severity stack-based buffer overflow in FortiManager (CVE-2025-54820) that allows remote unauthenticated attackers to execute unauthorized commands by sending crafted requests to the fgtupdates service.

Take Action:

If you are using Fortinet FortiManager, plan to patch quickly. In the interim, make sure the HTTP/HTTPS interface is isolated from the internet, or disable fgtupdates in the system interface settings to close the attack vector.
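To check the interim mitigation across a saved configuration, the following added example (not from the original article or from Fortinet) lists interfaces that still offer fgtupdates and notes whether HTTP/HTTPS access is also enabled on them. It assumes a CLI-style config export in which interface services appear as `set serviceaccess` and `set allowaccess` lines; the sample config and the function names are constructed for illustration.

```python
# Constructed sample of a CLI-style config export (assumed layout, not from a real device).
SAMPLE_CONFIG = """\
config system interface
    edit "port1"
        set allowaccess https ssh
        set serviceaccess fgtupdates fclupdates
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "port2"
        set allowaccess ping https
        set serviceaccess webfilter-antispam
    next
end
"""

def parse_interfaces(config_text):
    """Return {interface: {setting: [values]}} from the 'config system interface' block."""
    interfaces, current, depth = {}, None, 0  # depth 0 means outside the block
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:
            depth = 1 if line == "config system interface" else 0
        elif line.startswith("config "):
            depth += 1  # nested sub-block (e.g. ipv6); its settings are skipped
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = line[5:].strip().strip('"')
            interfaces[current] = {}
        elif depth == 1 and line == "next":
            current = None
        elif depth == 1 and current and line.startswith("set "):
            parts = line.split()
            interfaces[current][parts[1]] = parts[2:]
    return interfaces

def audit(config_text):
    """List interfaces with fgtupdates enabled and any HTTP/HTTPS access on the same interface."""
    findings = []
    for name, settings in parse_interfaces(config_text).items():
        if "fgtupdates" in settings.get("serviceaccess", []):
            web = sorted({"http", "https"} & set(settings.get("allowaccess", [])))
            findings.append({"interface": name, "web_access": web})
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

An empty result means no interface in the export offers fgtupdates; any interface that is listed should be confirmed as unreachable from the internet until the patch is applied.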

