FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
smallick
Staff
Staff
Article Id 403169

FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence.

Adversary Centric Intelligence (ACI): leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights to enable organizations to respond proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets.

The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.

CVE ID CVE-2025-53771
CVE Title Improper limitation of a pathname to a restricted directory ('path...
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Epss Score 0.00127
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List No
Available working exploit(s) 0
Available POC exploit(s) 0
Darknet Mention(s) 0
Telegram Mention(s) 1 (SecAtor)
FortiRecon Intelligence Reporting(s) 0
Vendor Advisory:

 

CVE ID CVE-2025-53770
CVE Title Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
NVD Severity CRITICAL
FortiRecon Severity CRITICAL
FortiRecon Score 95/100
Epss Score 0.0304
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 20
Darknet Mention(s) 0
Telegram Mention(s) 2 (SecAtor, Ralf Hacker Channel)
FortiRecon Intelligence Reporting(s) 0
Vendor Advisory:

 

CVE ID CVE-2025-49706
CVE Title Microsoft SharePoint Improper Authentication Vulnerability
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 95/100
Epss Score 0.00044
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 3
Darknet Mention(s) 0
Telegram Mention(s) 1 (SecAtor)
FortiRecon Intelligence Reporting(s) 0
Vendor Advisory:

 

CVE ID CVE-2025-49704
CVE Title Microsoft SharePoint Code Injection Vulnerability
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Epss Score 0.00296
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 0
Darknet Mention(s) 0
Telegram Mention(s) 2 (SecAtor)
FortiRecon Intelligence Reporting(s) 0
Vendor Advisory:

 

Contributors