CVE-2025-60024 is a path traversal vulnerability affecting Fortinet FortiVoice versions 7.0.0 through 7.0.7 and 7.2.0 through 7.2.2. The flaw arises from improper restrictions on pathname inputs, allowing a privileged authenticated attacker to craft HTTP or HTTPS requests that write arbitrary files outside the intended directories. This can lead to escalation of privileges by overwriting critical system files or placing malicious scripts, potentially enabling full system compromise. The vulnerability does not require user interaction but does require the attacker to have some level of authentication, likely administrative or privileged user credentials. The CVSS 3.1 base score is 7.7, indicating high severity with network attack vector, low attack complexity, and high impact on confidentiality, integrity, and availability. Although no public exploits are known yet, the vulnerability poses a significant risk to organizations relying on FortiVoice for telephony and unified communications. The flaw could be leveraged to disrupt voice services, intercept or manipulate sensitive communications, or gain persistent access to the device. FortiVoice is widely used in enterprise telephony environments, making this vulnerability particularly concerning for organizations with critical communications infrastructure. The vulnerability was reserved in late September 2025 and published in December 2025, with Fortinet expected to release patches. Until patches are applied, organizations should implement compensating controls such as limiting access to FortiVoice management interfaces and monitoring network traffic for suspicious activity.

The vulnerability allows an attacker with privileged authentication to write arbitrary files, which can lead to full system compromise. This threatens the confidentiality of sensitive voice communications, the integrity of telephony configurations and logs, and the availability of voice services. For European organizations, disruption of telephony infrastructure can impact business operations, emergency communications, and regulatory compliance, especially in sectors like finance, healthcare, and government. The ability to escalate privileges and potentially execute arbitrary code increases the risk of lateral movement within networks and persistent footholds. Given the critical role of FortiVoice in unified communications, exploitation could also expose personally identifiable information (PII) and sensitive corporate data transmitted over voice channels. The lack of known exploits currently reduces immediate risk but does not diminish the urgency of mitigation due to the high potential impact.

1. Apply official Fortinet patches for FortiVoice versions 7.0.0 through 7.0.7 and 7.2.0 through 7.2.2 as soon as they become available. 2. Restrict administrative access to FortiVoice management interfaces to trusted IP addresses and use VPNs or secure tunnels where possible. 3. Enforce strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise. 4. Monitor HTTP and HTTPS traffic to FortiVoice devices for unusual or malformed requests that could indicate exploitation attempts. 5. Regularly audit FortiVoice logs for signs of unauthorized file writes or configuration changes. 6. Segment FortiVoice devices on dedicated network segments to limit lateral movement if compromised. 7. Educate IT staff on the specific risks associated with this vulnerability and update incident response plans accordingly. 8. Consider deploying web application firewalls (WAFs) or intrusion detection/prevention systems (IDS/IPS) with signatures tuned to detect path traversal attempts targeting FortiVoice.