Ethical Hacking News
U.S. CISA adds a new Fortinet FortiWeb vulnerability to its KEV catalog, highlighting the ongoing need for organizations to address emerging threats and enhance their security postures.
In this article, we delve into the details of the newly added vulnerability, CVE-2025-58034, and its implications for federal agencies and organizations with FortiWeb software installed. We explore the recommendations made by CISA and Fortinet, as well as the importance of prompt action in addressing known exploited vulnerabilities to protect networks against attacks exploiting the flaws in the catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Fortinet FortiWeb vulnerability, CVE-2025-58034, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw has a CVSS score of 6.7, indicating a high level of severity and has been actively exploited in attacks in the wild. CISA recommends that federal agencies upgrade to version 8.0.2 or above for FortiWeb 8.08.0.0 through 8.0.1. For Fortinet FortiWeb versions 7.67.6.0 through 7.6.5, CISA recommends upgrading to version 7.6.6 or above. The vulnerability allows unauthenticated attackers to execute administrative commands on the system via crafted HTTP or HTTPS requests. CISA orders federal agencies to fix these vulnerabilities by November 25, 2025, emphasizing the importance of prompt action in addressing known exploited vulnerabilities.
U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini
November 19, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a significant step in enhancing the security posture of federal agencies by adding a new Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. This move is part of CISA's ongoing efforts to identify and mitigate known vulnerabilities that pose a significant risk to the nation's critical infrastructure.
The newly added vulnerability, CVE-2025-58034, has a CVSS score of 6.7, indicating a high level of severity. The flaw in question is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’), which can be exploited by authenticated attackers to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
According to Fortinet, this vulnerability has been actively exploited in attacks in the wild, highlighting the urgent need for organizations to address this issue. CISA recommends that federal agencies with FortiWeb 8.08.0.0 through 8.0.1 upgrade to version 8.0.2 or above, while those running FortiWeb 7.67.6.0 through 7.6.5 should upgrade to version 7.6.6 or above.
In a similar vein, a relative path traversal vulnerability (CVE-2025-64446) in Fortinet FortiWeb has been observed being actively exploited in the wild. This flaw allows unauthenticated attackers to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Fortinet recommends disabling HTTP/HTTPS on internet-facing interfaces until upgrading to address this issue, as noted by CISA. If management access is internal only, the risk of exploitation is greatly reduced.
CISA orders federal agencies to fix these vulnerabilities by November 25, 2025, emphasizing the importance of prompt action in addressing known exploited vulnerabilities to protect networks against attacks exploiting the flaws in the catalog.
Experts have stressed that organizations should review the CISA's Known Exploited Vulnerabilities (KEV) catalog and address the vulnerabilities in their infrastructure as soon as possible. The recent addition of this Fortinet FortiWeb flaw highlights the ongoing need for vigilance and proactive measures to safeguard against emerging threats.
This latest development underscores the critical role that agencies such as CISA play in protecting national security by identifying and mitigating known vulnerabilities that pose a risk to critical infrastructure.
By taking swift action to address identified vulnerabilities, federal agencies can significantly reduce their exposure to attacks exploiting known exploited vulnerabilities. The continued vigilance of organizations and agencies is crucial in preventing the exploitation of these vulnerabilities and ensuring the resilience of our nation's critical systems.
In conclusion, the addition of the Fortinet FortiWeb flaw to CISA's KEV catalog serves as a timely reminder of the importance of proactive security measures. By acknowledging and addressing known vulnerabilities, organizations can significantly enhance their defenses against emerging threats and protect their networks against exploitation.
The ongoing efforts by CISA to identify and mitigate known vulnerabilities demonstrate its commitment to safeguarding national security. As agencies continue to grapple with the ever-evolving threat landscape, it is crucial that they remain vigilant and proactive in addressing identified vulnerabilities to ensure the resilience of our critical infrastructure.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Fortinet-FortiWeb-Flaw-A-New-Vulnerability-Added-to-CISAs-Known-Exploited-Vulnerabilities-Catalog-ehn.shtml
https://securityaffairs.com/184832/hacking/u-s-cisa-adds-a-new-fortinet-fortiweb-flaw-to-its-known-exploited-vulnerabilities-catalog.html
https://nvd.nist.gov/vuln/detail/CVE-2025-58034
https://www.cvedetails.com/cve/CVE-2025-58034/
https://nvd.nist.gov/vuln/detail/CVE-2025-64446
https://www.cvedetails.com/cve/CVE-2025-64446/
Published: Wed Nov 19 08:39:53 2025 by llama3.2 3B Q4_K_M
