Users who cannot upgrade are advised to filter communications on port 7900, which is used by the phMonitor component to monitor the health of system processes and to distribute tasks to them.
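As an added illustration (not from the article or from the vendor), one way to check that the advised port-7900 filtering is actually in effect: a small audit over firewall log records, using a constructed `key=value` record format, a placeholder peer allowlist and constructed sample lines.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Port used by phMonitor, per the advisory summary above.
PHMONITOR_PORT = 7900
# Assumed allowlist (placeholder range): only nodes of the same deployment
# should be able to reach phMonitor; substitute the real peer addresses.
ALLOWED_PEERS = [ip_network("10.10.0.0/24")]

@dataclass
class Flow:
    src: str
    dst: str
    dport: int
    proto: str
    action: str

def parse_flow(line):
    """Parse one 'key=value ...' firewall record (constructed format); None if malformed."""
    try:
        fields = dict(kv.split("=", 1) for kv in line.split())
        return Flow(fields["src"], fields["dst"], int(fields["dport"]),
                    fields["proto"].lower(), fields["action"].lower())
    except (ValueError, KeyError):
        return None

def is_allowed_peer(src):
    return any(ip_address(src) in net for net in ALLOWED_PEERS)

def audit(lines):
    """Return accepted TCP flows to port 7900 whose source is outside the allowlist.
    An empty result means the advised filtering held for this log sample."""
    findings = []
    for line in lines:
        f = parse_flow(line)
        if f is None or f.dport != PHMONITOR_PORT or f.proto != "tcp":
            continue
        if f.action == "accept" and not is_allowed_peer(f.src):
            findings.append(f)
    return findings

# Constructed sample records, not real logs.
SAMPLE_LOG = [
    "src=10.10.0.5 dst=10.10.0.2 dport=7900 proto=tcp action=accept",    # peer: fine
    "src=203.0.113.7 dst=10.10.0.2 dport=7900 proto=tcp action=accept",  # flagged
    "src=203.0.113.9 dst=10.10.0.2 dport=7900 proto=tcp action=drop",    # filtered: fine
    "src=203.0.113.7 dst=10.10.0.2 dport=443 proto=tcp action=accept",   # other port
    "garbage line",                                                       # skipped
]

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"unexpected access to phMonitor port from {f.src}")
```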
Fortinet also fixed a high-severity authentication bypass flaw, CVE-2024-26009, in FortiOS, FortiProxy, and FortiPAM. The vulnerability can only be exploited on devices managed by a FortiManager appliance through the proprietary FGFM protocol, and only if the attacker knows the device's serial number. If exploitation is successful, attackers can execute arbitrary code and commands on the system.
Other fixes released this week address medium-severity flaws in various products, including a path traversal resulting in arbitrary file overwrite and unauthorized command execution (CVE-2024-52964), a double-free memory issue (CVE-2023-45584) leading to unauthorized code execution, an incorrect privilege assignment in Security Fabric (CVE-2025-53744) leading to privilege escalation, and an integer overflow (CVE-2025-25248) leading to denial of service.