A command injection zero-day in several versions of Fortinet’s FortiWeb firewall products, with exploitation underway.
Fortinet’s very bad, no good time with its FortiWeb suite of firewall products is continuing, with the second disclosure this week of an actively exploited vulnerability in the platform.
CVE-2025-58034, disclosed by FortiGuard Labs on November 18, is a command injection vulnerability that could allow an authenticated attacker to execute malicious code via specially crafted CLI commands or HTTP requests. The vulnerability has a CVSS score of 6.7, placing it at Medium severity, but that counts for little with hackers already on the case.
Fortinet said it has observed exploitation of the vulnerability in the wild, and the US Cybersecurity and Infrastructure Security Agency (CISA) has already added the vulnerability to its Known Exploited Vulnerabilities Catalog.
“This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” CISA said in a November 18 advisory.
The vulnerability impacts the following versions:
Fortinet said it was “pleased to thank Jason McFadyen from Trend Research of Trend Micro for reporting this vulnerability under responsible disclosure”.
Earlier this week Fortinet and CISA reported active exploitation of CVE-2025-64446, an authentication bypass vulnerability also impacting Fortinet’s FortiWeb products, after security analysts sounded the alarm on its exploitation the week before.
“Oh look at that, it’s a Thursday! And in continuing with Thursdays, the watchTowr team is seeing active, indiscriminate in-the-wild exploitation of what appears to be a silently patched vulnerability in Fortinet’s FortiWeb product,” watchTowr’s CEO, Benjamin Harris, said on November 14.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.