Fortinet’s Response to FortiWeb Zero-Day Exploits: A Silent Patch Confirmed
Fortinet Silently Patches Critical Zero-Day Vulnerability in FortiWeb
Fortinet recently addressed a critical zero-day vulnerability in its FortiWeb web application firewall that was being heavily exploited in the wild. The company quietly patched the flaw after reports surfaced in early October that unauthenticated attackers were abusing a then-unknown path traversal flaw to create new administrative users on publicly exposed devices.
Threat intelligence firm Defused first identified the attacks on October 6, revealing that an unidentified Fortinet exploit, possibly a variant of CVE-2022-40684, was used to send HTTP POST requests to the Fortinet endpoint to create local admin-level accounts.
On Thursday, security researchers from watchTowr Labs also demonstrated an exploit for the vulnerability and released a tool called the “FortiWeb Authentication Bypass Artifact Generator” to assist defenders in identifying vulnerable devices.
Rapid7, a cybersecurity firm, confirmed that the flaw impacts FortiWeb versions 8.0.1 and earlier, noting that the publicly available proof-of-concept exploit became ineffective after updating to version 8.0.2.
Fortinet recently disclosed that attackers are actively exploiting a path confusion vulnerability in FortiWeb’s GUI component, tracked as CVE-2025-64446, allowing unauthenticated attackers to execute administrative commands on unpatched systems through crafted HTTP or HTTPS requests.
The company confirmed the active exploitation of the zero-day in a security advisory on Friday, stating that the vulnerability had been patched in FortiWeb 8.0.2, released on October 28, three weeks after the initial report of CVE-2025-64446 exploitation.
| Version | Affected | Solution |
|---|---|---|
| FortiWeb 8.0 | 8.0.0 through 8.0.1 | Upgrade to 8.0.2 or above |
| FortiWeb 7.6 | 7.6.0 through 7.6.4 | Upgrade to 7.6.5 or above |
| FortiWeb 7.4 | 7.4.0 through 7.4.9 | Upgrade to 7.4.10 or above |
| FortiWeb 7.2 | 7.2.0 through 7.2.11 | Upgrade to 7.2.12 or above |
| FortiWeb 7.0 | 7.0.0 through 7.0.11 | Upgrade to 7.0.12 or above |
Federal Agencies Urged to Patch Vulnerabilities
CISA included the CVE-2025-64446 path traversal flaw in its list of actively exploited vulnerabilities, instructing U.S. federal agencies to patch their systems by November 21. The cybersecurity agency emphasized the significant risks posed by such vulnerabilities to the federal enterprise.
Administrators who cannot immediately upgrade to FortiWeb 8.0.2 are advised to disable HTTP or HTTPS for all internet-facing management interfaces and restrict access to trusted networks.
Fortinet recommended that customers review their configurations and logs for unauthorized administrator accounts and other unexpected changes.
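As an added example (not from the article, Fortinet, or any of the firms named above), the check below follows Fortinet's advice to review configurations and logs for unauthorized administrator accounts: it diffs the device's current admin list against a documented baseline and flags account-creation events that came from outside the trusted management network, had no authenticated actor, or created an account not in the baseline. The account names, addresses and the audit-line format are constructed for illustration and are not FortiWeb's actual export or log format.

```python
import ipaddress
import re

# Constructed sample: admin accounts exported from the device versus the
# accounts that change records say should exist.
CURRENT_ADMINS = ["admin", "secops-ro", "svc_backup", "wsadmin_tmp"]
EXPECTED_ADMINS = {"admin", "secops-ro", "svc_backup"}

# Management networks from which admin changes are expected (assumption).
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed audit lines in an illustrative key=value format (not FortiWeb's own).
SAMPLE_LOG = """\
2025-10-06T03:12:41Z src=203.0.113.7 user=admin action=login status=ok
2025-10-06T03:12:44Z src=203.0.113.7 user=- action=add_admin target=wsadmin_tmp status=ok
2025-10-06T09:00:02Z src=10.20.0.5 user=secops-ro action=login status=ok
2025-10-07T11:30:00Z src=10.20.0.5 user=admin action=add_admin target=svc_backup status=ok
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) action=(?P<action>\S+)"
    r"(?: target=(?P<target>\S+))? status=(?P<status>\S+)$"
)

def parse_log(text):
    """Parse audit lines into dicts; lines that do not match are skipped."""
    return [m.groupdict() for line in text.splitlines() if (m := LOG_RE.match(line))]

def unexpected_admins(current, expected):
    """Admin accounts present on the device but absent from the baseline."""
    return sorted(set(current) - set(expected))

def from_trusted(src):
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source is treated as untrusted
    return any(ip in net for net in TRUSTED_NETS)

def suspicious_admin_creations(events, expected=EXPECTED_ADMINS):
    """Return (timestamp, created account, reasons) for add_admin events worth a look."""
    flagged = []
    for e in events:
        if e["action"] != "add_admin":
            continue
        reasons = []
        if not from_trusted(e["src"]):
            reasons.append("untrusted source")
        if e["user"] == "-":
            reasons.append("no authenticated actor")
        if e["target"] not in expected:
            reasons.append("account not in baseline")
        if reasons:
            flagged.append((e["ts"], e["target"], reasons))
    return flagged
```

Any hit from either function should be treated as a possible compromise indicator and cross-checked against change records rather than simply deleted.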
BleepingComputer reached out to Fortinet for further details on the ongoing attacks but has yet to receive a response.
In a previous incident in August, Fortinet addressed a critical command injection flaw (CVE-2025-25256) in its FortiSIEM security monitoring solution shortly after GreyNoise warned of a surge in brute-force attacks targeting Fortinet SSL VPNs.