Hackers Exploit New Fortinet Flaw Amid Ongoing Vulnerability Issues
Cybersecurity Dive
|
Contributed by: Kate Gamble
Summary
A recently identified vulnerability in Fortinet FortiSIEM, designated CVE-2025-64155, enables attackers to execute unauthorized commands due to improper neutralization of elements within the operating system. Disclosed in August 2025 but only recently made public, this flaw is being actively exploited by threat groups, highlighting ongoing security concerns within the FortiSIEM architecture. Previous vulnerabilities in the phMonitor component suggest a troubling trend of inadequate security measures, raising significant implications for healthcare professionals relying on Fortinet products to safeguard sensitive patient data. As these vulnerabilities persist, healthcare organizations must prioritize both immediate corrective actions and long-term strategic enhancements to their cybersecurity protocols.
