Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet has addressed a critical security flaw in FortiSIEM that could enable unauthenticated remote code execution via the exposed phMonitor service. The vulnerability, tracked as CVE-2025-64155, allows attackers to execute unauthorized code or commands via crafted TCP requests. Affected versions include FortiSIEM 6.7.0 through 7.4.0, with specific upgrade instructions provided. Additionally, Fortinet has patched another critical vulnerability in FortiFone (CVE-2025-47855) that could allow unauthenticated attackers to obtain device configuration. Users are advised to update to the latest versions to protect against these vulnerabilities.