Security News > 2025 > May > Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
2025-05-13 18:38
Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security incident response team has revealed on Tuesday. About CVE-2025-32756 CVE-2025-32756 is a stack-based overflow vulnerability that can lead to remote code and command execution by unauthenticated attackers. To trigger it, they only need to send a specially crafted HTTP request to a specific API. According to the Fortinet PSIRT, the … More → The post Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756) appeared first on Help Net Security.
News URL
Related news
- Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization (source)
- China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)