Fortinet just released fixes for two critical zero-day vulnerabilities in FortiWeb (CVE-2025-64446 & CVE-2025-58034), including one that lets unauthenticated attackers create new admin users and fully compromise the device, and another that enables unauthorized code execution.
Instantly find FortiWeb devices across your network and check them against the affected versions with the report linked in the Fortiweb blog.
