Affected Vendors This Week
- Fortinet: 18 CVEs (4 high, 14 medium)
- Cisco: 5 CVEs (1 high, 4 medium)
- ASUS: 3 CVEs (3 unscored)
This week brings 26 new router and network device vulnerabilities, with Fortinet dominating the landscape. Four high-severity issues (CVSS 7.2 to 8.1; none reaches the critical band) stand out as requiring immediate attention, particularly for organizations running FortiPAM, FortiDLP, FortiAnalyzer, and FortiVoice across their infrastructure.
High-Severity Fortinet Vulnerabilities
CVE-2025-49201 (CVSS 8.1) is the highest-scored flaw this week, a weak authentication vulnerability in FortiPAM versions 1.0 through 1.5.0. It affects privileged access management deployments and could allow attackers to bypass authentication mechanisms. Because a PAM system brokers credentials for the rest of the estate, an authentication weakness there deserves priority: organizations using FortiPAM should patch immediately and review access logs for the period a vulnerable version was in service.
CVE-2025-54658 (CVSS 7.8) is a path traversal vulnerability in FortiDLP Agent's Outlook proxy plugin on macOS, affecting versions 11.4.2 through 11.4.6 and 11.5.1. This could allow unauthorized file system access on endpoints running the agent.
CVE-2024-50571 (CVSS 7.2) is a heap-based buffer overflow in FortiAnalyzer across versions 6.0.13 through 7.6.2. That span is an aggregate over several release branches, so check the advisory for the fixed version in the branch you run. The memory corruption could lead to remote code execution on log-collection appliances that hold a central view of the environment.
CVE-2025-47856 (CVSS 7.2) covers two OS command injection vulnerabilities in FortiVoice 6.4.x (before 6.4.10) and 7.0.0 through 7.0.6. Voice infrastructure exposure is particularly dangerous in unified communications environments.
Additionally, CVE-2023-46718 (CVSS 6.7), a stack-based buffer overflow in FortiOS, affects numerous versions across the 6.x, 7.0, 7.2, and 7.4 branches. Three more medium-severity authentication and information disclosure flaws (CVE-2025-59921, CVE-2025-53845, and CVE-2025-22258) round out the Fortinet portfolio.
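The affected ranges above are the kind of data that has to be matched against a device inventory before patch windows can be scheduled. The script below is an added example, not code from the original summary or from Fortinet, that encodes the version spans quoted above and flags inventory entries that fall inside them. The hostnames and versions in the inventory are constructed for the example. Fortinet publishes fixed versions per release branch, so a span such as 6.0.13 through 7.6.2 is an aggregate: a match here means "possibly affected" and must be confirmed against the per-branch fixed versions in the vendor advisory.

```python
"""Coarse version-range triage against the affected ranges quoted above.

The inventory below is constructed for this example; the version spans are
the ones the summary gives. A match means "possibly affected": confirm
against the per-branch fixed versions in the vendor advisory before acting.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

_VERSION_RE = re.compile(r"^\d+(\.\d+)*$")


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '7.4.3' into (7, 4, 3); reject anything that is not dotted digits."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def in_range(version: str, low: str, high: str, high_inclusive: bool = True) -> bool:
    """Tuple comparison, so '6.4.10' sorts after '6.4.9' (string compare would not)."""
    v, lo, hi = parse_version(version), parse_version(low), parse_version(high)
    if v < lo:
        return False
    return v <= hi if high_inclusive else v < hi


@dataclass(frozen=True)
class AffectedRange:
    cve: str
    product: str
    low: str
    high: str
    high_inclusive: bool = True  # "before X" ranges set this to False


# Fortinet ranges as quoted in this week's summary (aggregate spans, see docstring).
AFFECTED = [
    AffectedRange("CVE-2025-49201", "FortiPAM", "1.0", "1.5.0"),
    AffectedRange("CVE-2025-54658", "FortiDLP Agent (macOS)", "11.4.2", "11.4.6"),
    AffectedRange("CVE-2025-54658", "FortiDLP Agent (macOS)", "11.5.1", "11.5.1"),
    AffectedRange("CVE-2024-50571", "FortiAnalyzer", "6.0.13", "7.6.2"),
    AffectedRange("CVE-2025-47856", "FortiVoice", "6.4.0", "6.4.10", high_inclusive=False),
    AffectedRange("CVE-2025-47856", "FortiVoice", "7.0.0", "7.0.6"),
]


def triage(inventory: list[tuple[str, str, str]]) -> dict[str, list[str]]:
    """Map hostname -> CVEs the host is possibly affected by (coarse filter)."""
    hits: dict[str, list[str]] = {}
    for host, product, version in inventory:
        for r in AFFECTED:
            if r.product == product and in_range(version, r.low, r.high, r.high_inclusive):
                cves = hits.setdefault(host, [])
                if r.cve not in cves:
                    cves.append(r.cve)
    return hits


# Constructed sample inventory: hypothetical hosts and versions, not real data.
SAMPLE_INVENTORY = [
    ("pam-01", "FortiPAM", "1.4.2"),
    ("faz-01", "FortiAnalyzer", "7.4.3"),
    ("faz-02", "FortiAnalyzer", "7.6.3"),
    ("voice-01", "FortiVoice", "6.4.10"),
    ("voice-02", "FortiVoice", "6.4.9"),
    ("mac-dlp-07", "FortiDLP Agent (macOS)", "11.5.0"),
]

if __name__ == "__main__":
    for host, cves in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: possibly affected by {', '.join(cves)} (confirm per-branch fix in advisory)")
```

The exclusive upper bound on the FortiVoice 6.4 entry is what keeps 6.4.10, the fixed release, out of the hit list; the same pattern applies to any "before X" range in an advisory. Products are matched by exact name, so an inventory export has to normalize product names to the strings used in the table first.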
Cisco Phone and Network Issues
CVE-2025-20350 (CVSS 7.5) affects the web UI of Cisco Desk Phone 9800 Series, IP Phones 7800/8800, and Video Phone 8875 and is reachable by an unauthenticated remote attacker. Organizations with these phones on their networks should verify patch availability and, until patched, limit access to the phones' web UI to management networks.
Two additional Cisco vulnerabilities in the Snort 3 HTTP Decoder (CVE-2025-20359 and CVE-2025-20360) could enable information disclosure or denial of service in IDS/IPS deployments.
ASUS Driver Flaws
ASUS reported three unscored vulnerabilities in the AsIO3.sys driver and the Armoury Crate component. While they lack CVSS ratings, the reported stack buffer overflow and null pointer dereference merit vendor follow-up for an impact assessment. Since AsIO3.sys is a kernel-mode driver, a fault of either kind reachable from user mode would typically mean local denial of service or privilege escalation on the affected machine rather than remote exposure.
Action Items
- Fortinet users: Check for available patches for FortiPAM, FortiDLP, FortiAnalyzer, FortiVoice, and FortiOS—this is a high-impact week for the vendor
- Cisco VoIP administrators: Verify patch availability for the Desk Phone 9800 Series, IP Phone 7800/8800 Series, and Video Phone 8875, and review Snort 3 configurations
- ASUS customers: Monitor vendor advisories for driver updates and remediation guidance