Affected Vendors
- Fortinet: 17 CVEs (2 critical, 8 high, 7 medium)
- NETGEAR: 3 CVEs (2 high, 1 medium)
- Starlink: 1 CVE (medium)
Critical Vulnerabilities Demand Immediate Action
This week brings two critical-severity vulnerabilities affecting Fortinet's core products. Both CVE-2025-59719 and CVE-2025-59718 are cryptographic signature verification flaws with a CVSS score of 9.8, allowing unauthenticated attackers to bypass critical security controls. CVE-2025-59718 impacts FortiOS across versions 7.0 through 7.6, affecting both FortiGate firewalls and FortiWiFi appliances. CVE-2025-59719 similarly affects FortiWeb WAF appliances in the same version range. These are not theoretical vulnerabilities—they directly enable authentication bypass. Organizations running these products should treat patching as an emergency priority this week.
Fortinet: 17 New Issues Across Multiple Product Lines
Beyond the two critical flaws, Fortinet disclosed 15 additional vulnerabilities spanning FortiWeb, FortiVoice, FortiExtender, and FortiSandbox. Several warrant attention:
- CVE-2025-64447 (CVSS 8.1): A cookie validation flaw in FortiWeb 7.2 through 8.0 allows attackers to forge or tamper with session cookies, potentially leading to unauthorized access.
- CVE-2025-60024 (CVSS 8.8): Multiple path traversal vulnerabilities in FortiVoice 6.4, 7.0, and 7.2 could permit attackers to read arbitrary files on the system.
- CVE-2025-64156 (CVSS 7.2): SQL injection in FortiVoice allows database manipulation across all supported versions.
- CVE-2025-64153 (CVSS 7.2) and CVE-2025-53679/CVE-2025-53949 (CVSS 7.2 each): OS command injection vulnerabilities across FortiExtender and FortiSandbox could lead to remote code execution.
If you manage any Fortinet infrastructure, check the Fortinet security advisories immediately for your specific product versions and apply available patches without delay.
NETGEAR Nighthawk: Authentication and Input Validation Issues
NETGEAR's consumer and business router lines face three new vulnerabilities. CVE-2025-12946 (CVSS 7.5) affects the speedtest feature in Nighthawk routers, allowing attackers on the WAN side to exploit improper input validation via man-in-the-middle techniques. More concerning, CVE-2025-12945 (CVSS 7.2) permits authenticated administrators to execute arbitrary OS commands on R7000P models through version 1.3.3.154 due to insufficient input sanitization. A third medium-severity DoS flaw (CVE-2025-12941) affects the C6220 and C6230 cable modem/WiFi combo units. NETGEAR administrators should verify firmware versions and pull security updates from the vendor's support portal.
Starlink: Unauthenticated Administrative Access
CVE-2025-67780 (CVSS 4.2) exposes Starlink Dish devices running firmware 2024.12.04.mr46620 to unauthenticated administrative actions via LAN gRPC requests. While the CVSS is moderate, the attack surface is local-network only, reducing risk for most deployments. Users should ensure firmware is up to date.
Recommended Actions This Week
- Fortinet users: Prioritize patches for FortiOS and FortiWeb immediately; treat CVE-2025-59718 and CVE-2025-59719 as emergency updates.
- NETGEAR administrators: Check device firmware versions and apply available updates, especially for Nighthawk R7000P and commercial cable modems.
- All users: Review your router inventory in RouterCVE to identify affected models and track patch availability by vendor.