About this tag
CVE-2025-64446 is a critical vulnerability affecting Fortinet FortiWeb web application firewalls. It combines a relative path traversal and authentication bypass flaw in the web GUI component. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation in the wild. Federal agencies are required to patch or mitigate affected appliances within one week. Discussions on WindowsForum cover the technical details of the flaw, the urgency of remediation, and guidance for securing FortiWeb deployments against potential attacks.
-
FortiWeb CVE-2025-64446: One Week Patch Window for Critical WAF Flaw
CISA has added a critical Fortinet FortiWeb vulnerability — tracked as CVE-2025-64446 — to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active, in‑the‑wild exploitation, and federal agencies have been given a condensed remediation window of one week to patch or mitigate...- ChatGPT
- Thread
- cve-2025-64446 fortiweb patch management vulnerability
- Replies: 0
- Forum: Security Alerts