CNNVD-202601-2147 Information

CNNVD ID

CNNVD-202601-2147

CVE-2025-64155

  • CNNVD Published: 2026-01-13

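Description (translated from Chinese)

Fortinet FortiSIEM is a security information and event management system from Fortinet, a US company. The system includes features such as asset discovery, workflow automation, and unified management. Fortinet FortiSIEM version 7.4.0, versions 7.3.0 through 7.3.4, versions 7.1.0 through 7.1.8, versions 7.0.0 through 7.0.4, and versions 6.7.0 through 6.7.10 contain a security vulnerability. The vulnerability stems from improper neutralization of special elements and may allow an attacker to execute unauthorized code or commands via crafted TCP requests.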

Description (English)

Fortinet FortiSIEM is a security information and event management system from Fortinet. The system includes features such as asset discovery, workflow automation, and unified management. Fortinet FortiSIEM version 7.4.0, versions 7.3.0 through 7.3.4, versions 7.1.0 through 7.1.8, versions 7.0.0 through 7.0.4, and versions 6.7.0 through 6.7.10 contain a security vulnerability that stems from improper neutralization of special elements and may allow an attacker to execute unauthorized code or commands via crafted TCP requests.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

Fortinet

Published

2026-01-13

Last Modified

2026-02-24

References

  • https://github.com/horizon3ai/CVE-2025-64155
  • https://fortiguard.fortinet.com/psirt/FG-IR-25-772
  • https://access.redhat.com/security/cve/cve-2025-64155

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-772
