What is the CVSS score of CVE-2025-32756?

CVE-2025-32756 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 41.6%.

Which versions of Fortimail are affected by CVE-2025-32756?

Organizations using Fortinet FortiCamera 2.1.0 face critical risk from CVE-2025-32756, a stack-based buffer overflow vulnerability rated CVSS 9.8.

Is CVE-2025-32756 being actively exploited?

Yes, CVE-2025-32756 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2025-32756?

Within 24 hours: Identify all affected systems running Fortinet FortiCamera 2.1.0 and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.

Fortimail CVE-2025-32756

CRITICAL

Stack-based Buffer Overflow (CWE-121)

2025-05-13 psirt@fortinet.com

RCE Buffer Overflow Fortinet Stack Overflow Fortimail Fortirecorder Fortivoice Fortindr Forticamera Firmware

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:41 vuln.today

Added to CISA KEV

Jan 14, 2026 - 19:18 cisa

CISA KEV

CVE Published

May 13, 2025 - 15:15 nvd

CRITICAL 9.8

DescriptionNVD

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

AnalysisAI

Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice contain a stack-based buffer overflow enabling unauthenticated remote code execution across multiple Fortinet products.

Technical ContextAI

The CWE-121 stack overflow in shared code affects multiple Fortinet products simultaneously. The vulnerability allows memory corruption through crafted requests, leading to arbitrary code execution.

RemediationAI

Apply Fortinet security updates across all affected products. Prioritize FortiMail patching. Monitor for exploitation indicators.

CVE-2025-32756 vulnerability details – vuln.today

Back

Fortimail CVE-2025-32756

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code