Fortinet has resolved a significant security issue that it reported has been leveraged as a zero-day in assaults against FortiVoice business phone systems.
The flaw, identified as CVE-2025-32756, holds a CVSS rating of 9.6 out of 10.
“A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera could enable a distant unauthenticated attacker to