Router CVE Weekly Digest — Week of May 12, 2025

Published May 12, 2025 · RouterCVE Weekly Digest

12 CVEs · 1 Critical · 1 High · 1 Low

Affected Vendors

  • Palo Alto Networks: 9 CVEs
  • Fortinet: 1 CVE
  • Digi: 1 CVE
  • ASUS: 1 CVE

Critical Findings

This week brought one critical vulnerability that demands immediate attention. CVE-2025-32756 (CVSS 9.8) is a stack-based buffer overflow in Fortinet FortiCamera affecting versions 2.1.0 through 2.1.3, 2.0 all versions, and 1.1 all versions. This type of vulnerability can lead to remote code execution with minimal complexity. If FortiCamera devices are deployed in your network, prioritize firmware updates as the top action item this week.

High-Severity Issues

CVE-2025-0130 (CVSS 7.5) affects Palo Alto Networks PAN-OS with the web proxy feature enabled. The vulnerability stems from a missing exception check that allows unauthenticated attackers to send maliciously crafted packets, triggering a denial-of-service condition. This is particularly concerning because it requires no authentication and could affect firewall availability. Check your PAN-OS firmware version and apply patches from Palo Alto Networks promptly.

Medium and Lower-Risk Vulnerabilities

The remaining 10 CVEs span Palo Alto Networks, Digi, and ASUS with varying severity levels, though several carry CVSS scores that warrant attention:

  • CVE-2025-3659 (Digi PortServer TS, CVSS 9.4, unrated) involves improper authentication handling in HTTP POST requests. Despite the lack of formal severity rating, the high CVSS score suggests this could enable unauthorized access.
  • CVE-2025-1533 (ASUS, CVSS 8.2) is a stack buffer overflow in the AsIO3.sys driver that could cause system crashes or undefined behavior through input manipulation.
  • CVE-2025-0135 (Palo Alto Networks GlobalProtect on macOS, CVSS 3.3) allows local, authenticated non-admin users to disable the app—lower risk but worth noting for endpoint management.
  • Additional Palo Alto Networks issues include privilege management flaws (CVE-2025-0131), missing authentication in Cortex XDR Broker VM (CVE-2025-0132), code injection in XDR Broker (CVE-2025-0134), weak IPSec encryption configuration (CVE-2025-0136), input neutralization issues (CVE-2025-0137), and a reflected XSS vulnerability (CVE-2025-0133).

Recommended Actions

For this week's updates, focus first on Fortinet FortiCamera and Palo Alto Networks PAN-OS patches. Review your inventory to identify affected versions and schedule firmware updates. For Palo Alto Networks deployments, pay special attention to web proxy configurations and any use of AES-128-CCM for IPSec on PA series firewalls. Check vendor advisories for specific patch availability and timelines.
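As an added example (not from the digest, and not vendor tooling): a small Python triage script that applies this week's items to a device inventory. The FortiCamera version ranges for CVE-2025-32756 are the ones stated above; the device list is constructed sample data; the `Device` class, the feature tags `web-proxy` and `ipsec-aes-128-ccm`, and the mapping of the AES-128-CCM note to CVE-2025-0136 are my assumptions. PAN-OS versions are not evaluated because the digest gives no fixed-version range for CVE-2025-0130; those devices are flagged for advisory review instead.

```python
from dataclasses import dataclass, field


@dataclass
class Device:
    """One inventory entry (assumed schema). features holds config tags
    such as 'web-proxy' or 'ipsec-aes-128-ccm' (assumed tag names)."""
    hostname: str
    vendor: str
    product: str
    version: str
    model: str = ""
    features: set = field(default_factory=set)


def parse_version(v: str) -> tuple:
    """Turn '2.1.3' into (2, 1, 3). A build suffix such as '2.1.3-b0421'
    (hypothetical format) is dropped before comparison."""
    core = v.split("-")[0]
    return tuple(int(part) for part in core.split("."))


# Affected FortiCamera versions for CVE-2025-32756 as stated in the digest:
# 2.1.0 through 2.1.3 inclusive, every 2.0 release, every 1.1 release.
FORTICAMERA_AFFECTED = [
    ("2.1.0", "2.1.3"),  # inclusive range
    ("2.0", None),       # None means the whole release branch
    ("1.1", None),
]


def forticamera_vulnerable(version: str) -> bool:
    v = parse_version(version)
    for low, high in FORTICAMERA_AFFECTED:
        low_t = parse_version(low)
        if high is None:
            # Branch match: the leading components equal the branch prefix.
            if v[:len(low_t)] == low_t:
                return True
        else:
            high_t = parse_version(high)
            # Compare on as many components as the bounds have, zero-padding
            # short versions, so '2.1' and '2.1.3.5' both land inside the range.
            n = len(high_t)
            padded = (v + (0,) * n)[:n]
            if low_t <= padded <= high_t:
                return True
    return False


def triage(devices):
    """Return (hostname, CVE, note) tuples for devices matching this week's items."""
    findings = []
    for d in devices:
        if d.vendor == "Fortinet" and d.product == "FortiCamera":
            if forticamera_vulnerable(d.version):
                findings.append((d.hostname, "CVE-2025-32756",
                                 "critical: schedule firmware update first"))
        elif d.vendor == "Palo Alto Networks" and d.product == "PAN-OS":
            if "web-proxy" in d.features:
                findings.append((d.hostname, "CVE-2025-0130",
                                 "high: web proxy enabled, confirm fixed release in vendor advisory"))
            # Assumed mapping: the digest's AES-128-CCM note to CVE-2025-0136.
            if d.model.startswith("PA-") and "ipsec-aes-128-ccm" in d.features:
                findings.append((d.hostname, "CVE-2025-0136",
                                 "review: AES-128-CCM in use for IPSec on a PA-series firewall"))
    return findings


# Constructed sample inventory; hostnames, models and versions are made up.
SAMPLE_INVENTORY = [
    Device("cam-lobby-01", "Fortinet", "FortiCamera", "2.1.2"),
    Device("cam-lobby-02", "Fortinet", "FortiCamera", "2.1.4"),
    Device("cam-dock-01", "Fortinet", "FortiCamera", "2.0.9"),
    Device("cam-dock-02", "Fortinet", "FortiCamera", "1.1.0"),
    Device("cam-lab-01", "Fortinet", "FortiCamera", "3.0.1"),
    Device("fw-edge-01", "Palo Alto Networks", "PAN-OS", "11.1.4", model="PA-5420",
           features={"web-proxy", "ipsec-aes-128-ccm"}),
    Device("fw-dc-01", "Palo Alto Networks", "PAN-OS", "11.1.4", model="PA-3410"),
]

if __name__ == "__main__":
    for hostname, cve, note in triage(SAMPLE_INVENTORY):
        print(f"{hostname:14} {cve:16} {note}")
```

The version comparison deliberately matches on the bound's component count, so a four-part build of 2.1.3 is still treated as affected rather than silently falling outside the range; when your inventory stores versions in a vendor-specific format, adjust `parse_version` before trusting the output.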