<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet vulnerability to its Known Exploited Vulnerabilities catalog, impacting several Fortinet products.</li><li>A critical remote code execution zero-day vulnerability, CVE-2025-32756, in FortiVoice systems was exploited by threat actors to execute arbitrary code.</li><li>Attackers scanned networks, erased crash logs, enabled debugging, and captured login credentials after exploiting the vulnerability.</li><li>CISA ordered federal agencies to address the identified vulnerability by June 4, 2025, in line with cybersecurity directives to protect networks and infrastructure from potential attacks.</li></ul>

U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog

Discover more