Attackers may be joining the dots to enable unauthenticated RCE
theregister.co.uk

Fortinet has confirmed that another flaw in its FortiWeb web application firewall has been exploited as a zero-day and issued a patch, just days after disclosing a critical bug in the same product that attackers had found and abused a month earlier.
The new bug, tracked as CVE-2025-58034, is an OS command injection vulnerability that allows authenticated attackers to execute unauthorized code on the underlying system using crafted HTTP requests or CLI commands. Updating FortiWeb devices to the most recent software version fixes the problem.
It seems highly likely these two vulnerabilities comprise an exploit chain for unauthenticated RCE
"Fortinet has observed this to be exploited in the wild," the vendor said in a Tuesday security advisory that credited Trend Micro researcher Jason McFadyen with finding and reporting the vulnerability.
"Trend Micro has observed attacks in the wild using this flaw with around 2,000 detections so far," Trend Micro ...
Copyright of this story solely belongs to theregister.co.uk.