Fortinet has released a security update to address multiple vulnerabilities in its products. One of these vulnerabilities, identified as CVE-2025-24472, impacts FortiOS, FortiProxy, and other related products.

Affected Systems:

• FortiOS Versions: 7.0.0 to 7.0.16

• FortiProxy Versions: 7.2.0 to 7.2.12 and 7.0.0 to 7.0.19

Security Risks

The successful exploitation of vulnerabilities in Fortinet software poses a significant security risk, enabling cyber threat actors to gain unauthorized control over affected systems.

For a complete list of the security patches released by Fortinet, please refer to the official Fortinet security advisory.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends that system administrators:

• Follow Fortinet Security Advisory FG-IR-24-535 to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

The released software versions for upgrade include, but are not limited to:

• FortiOS 7.0       7.0.0 through 7.0.16      Upgrade to 7.0.17 or above

• FortiProxy 7.2   7.2.0 through 7.2.12      Upgrade to 7.2.13 or above

• FortiProxy 7.0   7.0.0 through 7.0.19      Upgrade to 7.0.20 or above

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us at 9009.

References

• https://www.fortiguard.com

• https://www.cve.org

• https://securityaffairs.com