Fortinet on Tuesday announced patches for 17 vulnerabilities, including a zero-day resolved with the latest FortiWeb updates.
Tracked as CVE-2025-58034 (CVSS score of 6.7), the bug is described as an OS command injection issue that can be exploited by authenticated attackers to execute arbitrary code on the underlying system, via crafted HTTP requests or CLI commands.
“Fortinet has observed this to be exploited in the wild,” the vendor notes in its advisory, without providing details on the attacks.
This is the second FortiWeb zero-day publicly disclosed within a week, after the company confirmed on November 14 that CVE-2025-64446 (CVSS score of 9.1), a critical-severity path traversal issue, had been targeted in attacks.
Fortinet patched both exploited vulnerabilities in FortiWeb versions 8.0.2, 7.6.6, 7.4.11, 7.2.12, and 7.0.12. Users should update their deployments as soon as possible.
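The fixed releases above are the only indicator a defender has from the article, so the following added example (written for this page, not code from the article or from Fortinet) turns that list into an inventory triage check; the hostnames and version strings in it are constructed sample data.

```python
# Added example, not from the article or Fortinet: triage a FortiWeb inventory
# against the fixed releases the article lists for CVE-2025-58034 and
# CVE-2025-64446. Hostnames and versions in the sample are constructed.

# Minimum fixed release per FortiWeb branch, as listed in the article.
FIXED_VERSIONS = {
    (8, 0): (8, 0, 2),
    (7, 6): (7, 6, 6),
    (7, 4): (7, 4, 11),
    (7, 2): (7, 2, 12),
    (7, 0): (7, 0, 12),
}

def parse_version(text):
    """Turn '7.4.10' into (7, 4, 10); reject anything that is not x.y.z."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiWeb version string: {text!r}")
    return tuple(int(p) for p in parts)

def assess(version_text):
    """Return 'patched', 'vulnerable' or 'unknown-branch' for one build.

    A build at or above its branch's fixed release is patched. A branch the
    article does not list (e.g. 6.x) cannot be judged from the article, so it
    is reported separately rather than assumed safe.
    """
    major, minor, patch = parse_version(version_text)
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return "unknown-branch"
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"

def triage(inventory):
    """inventory is {hostname: version_string}; returns {hostname: status}."""
    return {host: assess(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    sample = {                     # constructed, not real hosts
        "fwb-edge-01": "7.4.10",   # one build short of 7.4.11 -> vulnerable
        "fwb-edge-02": "7.6.6",    # exactly the fixed release -> patched
        "fwb-lab-01": "8.0.3",     # newer than 8.0.2 -> patched
        "fwb-legacy-01": "6.4.3",  # branch not in the article -> unknown-branch
    }
    for host, status in triage(sample).items():
        print(f"{host:15} {sample[host]:8} {status}")
```

Devices reported as unknown-branch should be checked against Fortinet's advisory directly rather than treated as safe.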
Simultaneously with Fortinet’s advisory on the second zero-day, the US cybersecurity agency CISA added the security defect to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it within a week.
The short patching window set by CISA underlines how urgently exploited FortiWeb bugs need attention: under Binding Operational Directive (BOD) 22-01, federal agencies typically get three weeks to resolve flaws newly added to the KEV catalog.
Of the remaining 16 vulnerabilities Fortinet disclosed on Tuesday, three are high-severity flaws in FortiClient Windows (CVE-2025-47761 and CVE-2025-46373) and FortiVoice (CVE-2025-58692) that could lead to the execution of arbitrary code or commands.
The company also addressed medium- and low-severity bugs in FortiExtender, FortiMail, FortiPAM, FortiSandbox, FortiClient Windows, FortiADC, FortiOS, FortiSwitchManager, FortiProxy, and FortiWeb.
Aside from CVE-2025-58034, Fortinet makes no mention of any of these security defects being exploited in the wild. Additional information can be found on the company’s security advisories page.