

Ethical Hacking News

CISA Issues Urgent Alert: US Government Agencies Must Patch Fortinet Flaw Within 7 Days to Prevent Zero-Day Attacks


CISA has issued an urgent alert to U.S. government agencies warning them that a newly discovered vulnerability in Fortinet's FortiWeb web application firewall can be exploited in zero-day attacks. Agencies must patch the vulnerability within 7 days to prevent unauthorized code execution.

  • CISA has issued an urgent alert to U.S. government agencies about a newly discovered vulnerability in Fortinet's FortiWeb web application firewall.
  • The vulnerability, CVE-2025-58034, is an OS command injection flaw that can allow authenticated threat actors to gain code execution in zero-day attacks.
  • Federal civilian executive branch (FCEB) agencies must secure their systems within the next 7 days to prevent unauthorized code execution.
  • The vulnerability poses significant risks to the federal enterprise and is often exploited in cyber espionage and ransomware attacks.
  • CISA recommends that U.S. government agencies patch the vulnerability in FortiWeb by reviewing and updating system configurations, ensuring all software is up-to-date, and implementing additional security measures.



    The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert to U.S. government agencies, warning them that a newly discovered vulnerability in Fortinet's FortiWeb web application firewall can be exploited in zero-day attacks. The agency has ordered federal civilian executive branch (FCEB) agencies to secure their systems within the next 7 days to prevent unauthorized code execution.

    The vulnerability, tracked as CVE-2025-58034, is an OS command injection flaw that can allow authenticated threat actors to gain code execution in low-complexity attacks without requiring user interaction. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

    CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog on Tuesday, giving FCEB agencies until November 25th to secure their systems against attacks as mandated by the Binding Operational Directive (BOD) 22-01. The agency warned that this type of vulnerability is often exploited in cyber espionage and ransomware attacks.

    In August, Fortinet addressed another command injection vulnerability (CVE-2025-25256) in its FortiSIEM solution, following a GreyNoise report warning of a surge in brute-force attacks against Fortinet SSL VPNs. The company has a history of vulnerabilities being exploited in zero-day attacks: a Chinese hacking group tracked as Volt Typhoon exploited two FortiOS SSL VPN flaws to breach a Dutch Ministry of Defence military network using a custom remote access trojan (RAT) called Coathanger.

    To mitigate this risk, U.S. government agencies must take immediate action to patch the vulnerability in FortiWeb. This includes reviewing and updating system configurations, ensuring that all software is up-to-date, and implementing additional security measures such as threat intelligence feeds and intrusion detection systems.

    CISA has also ordered FCEB agencies to patch a Samsung zero-day used in spyware attacks and Cisco flaws exploited in zero-day attacks, further highlighting the need for agencies to stay vigilant and proactive in their cybersecurity efforts.

    In addition, the agency's recommendations for securing FortiWeb include:

    * Reviewing system configurations to ensure that all FortiWeb instances are properly configured and up-to-date
    * Ensuring that all software is patched with the latest security updates
    * Implementing additional security measures such as threat intelligence feeds and intrusion detection systems
    * Conducting regular vulnerability scans and penetration testing to identify and remediate vulnerabilities

    By taking these steps, U.S. government agencies can reduce their risk of being targeted by zero-day attacks and ensure that their systems remain secure.





  • Published: Wed Nov 19 07:52:33 2025 by llama3.2 3B Q4_K_M












