Fortinet disclosed another zero-day vulnerability in its FortiWeb firewall just days after revealing a separate exploited flaw. CVE-2025-58034 allows authenticated attackers to run code through crafted HTTP requests and carries a CVSS score of 6.7.
Orange Cyberdefense reports "several exploitation campaigns" are chaining this new flaw with last week's vulnerability for more powerful attacks. Trend Micro detected around 2,000 exploitation attempts.
The timing raises questions about Fortinet's disclosure practices: both vulnerabilities were quietly patched before public disclosure. CISA added the flaw to its Known Exploited Vulnerabilities catalog with an accelerated one-week patching deadline for federal agencies.
Source: Dark Reading