Pakistan’s National Computer Emergency Response Team (National CERT) has issued a critical cybersecurity advisory highlighting a severe Remote Code Execution (RCE) vulnerability—identified as CVE-2025-32756—impacting a range of Fortinet appliances. The vulnerability, which carries a CVSS severity score of 9.8, is currently being actively exploited in the wild, posing a major threat to organizations utilizing these systems.
The affected Fortinet products include FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. According to the advisory, the flaw allows unauthenticated attackers to execute arbitrary code remotely by sending specially crafted HTTP or HTTPS requests to the vulnerable systems. This kind of exploit gives attackers full control over targeted devices, making it an extremely dangerous vulnerability, especially for networks that rely on these appliances for communication, surveillance, and data processing.
The National CERT has urged all organizations and IT administrators to take immediate and decisive actions to mitigate potential risks. Among the key recommendations is the prompt application of the latest firmware updates released by Fortinet to patch the vulnerability. CERT emphasizes that patching is the most effective line of defense, especially as attackers are already leveraging this flaw to compromise exposed systems globally.
For organizations unable to immediately apply updates, CERT advises disabling the HTTP/HTTPS administrative interfaces on affected devices as a temporary precautionary measure. Additionally, system administrators are encouraged to closely monitor system and security logs for any signs of anomalous activity that could indicate exploitation attempts. Restricting external access to vulnerable endpoints is also strongly recommended until patching can be completed.
The full technical advisory, including links to firmware updates and detailed mitigation steps, is available on the National CERT website at https://pkcert.gov.pk/advisory/25/27.pdf. It provides a comprehensive breakdown of the vulnerability, the affected product versions, and a checklist for IT teams to follow.
This alert comes at a time of growing concern around cybersecurity threats targeting widely-used infrastructure platforms. Fortinet, known for its network security products used by enterprises, telecom operators, and government agencies, has seen its devices targeted repeatedly in high-profile cyberattacks due to their critical roles in IT ecosystems.
Given the widespread use of Fortinet devices across both public and private sectors in Pakistan and abroad, the National CERT’s advisory is a stark reminder of the evolving threat landscape and the need for proactive security practices. The CERT has reiterated that failure to address this vulnerability could result in severe data breaches, system compromise, and potential operational shutdowns.
All organizations using Fortinet appliances are therefore strongly urged to act swiftly to safeguard their environments. Delays in implementing the recommended actions could leave systems exposed to potentially catastrophic cyberattacks.
As cyber threats become increasingly sophisticated, regular updates, network hardening, and timely response to advisories like this one are no longer optional—they are essential pillars of modern cybersecurity hygiene.
