CVE-2025-58693 is a path traversal vulnerability affecting Fortinet FortiVoice versions 7.0.0 through 7.0.7 and 7.2.0 through 7.2.2. The flaw arises from improper limitation of pathname inputs to restricted directories, allowing an attacker with privileged access to craft HTTP or HTTPS requests that delete arbitrary files on the underlying filesystem. This vulnerability does not require user interaction but does require the attacker to have elevated privileges, such as administrative access to the FortiVoice management interface. The impact of successful exploitation includes deletion of critical system files, potentially leading to denial of service by disrupting telephony services or corrupting system configurations. The vulnerability affects confidentiality minimally but has a high impact on integrity and availability. The CVSS 3.1 score of 5.7 reflects network attack vector, low attack complexity, high privileges required, no user interaction, unchanged scope, and high impact on integrity and availability. No public exploits have been reported yet, but the vulnerability is publicly disclosed and should be addressed promptly. FortiVoice is widely used in enterprise telephony solutions, making this vulnerability relevant for organizations relying on Fortinet's unified communications products.

For European organizations, exploitation of CVE-2025-58693 could lead to significant disruption of telephony and unified communications services, impacting business operations and customer communications. Deletion of critical files may cause system outages or require time-consuming recovery efforts. Organizations in sectors such as finance, healthcare, government, and telecommunications, which rely heavily on FortiVoice for secure and reliable voice communications, could face operational downtime and potential regulatory compliance issues due to service interruptions. The requirement for privileged access limits the attack surface but insider threats or compromised administrative credentials could enable exploitation. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits following public disclosure. The vulnerability could also be leveraged as part of a broader attack chain to disrupt critical infrastructure services in Europe.

1. Immediately upgrade FortiVoice devices to versions beyond 7.2.2 or 7.0.7 once patches are released by Fortinet. 2. Restrict administrative access to FortiVoice management interfaces using network segmentation, VPNs, and strict firewall rules to limit exposure to trusted personnel only. 3. Enforce strong authentication mechanisms, including multi-factor authentication for all privileged accounts managing FortiVoice devices. 4. Monitor logs and network traffic for unusual HTTP/HTTPS requests targeting FortiVoice devices that could indicate exploitation attempts. 5. Regularly audit and review user privileges to ensure only necessary personnel have administrative access. 6. Implement file integrity monitoring on FortiVoice systems to detect unauthorized file deletions or modifications. 7. Develop and test incident response plans specific to telephony infrastructure compromise to minimize downtime. 8. Coordinate with Fortinet support for timely updates and advisories related to this vulnerability.