A web application firewall (WAF) solution that protects web applications and APIs from threats and vulnerabilities through machine learning and AI-powered security. FortiWeb provides protection against OWASP Top 10 threats, zero-day attacks, and bot-based attacks while maintaining high performance and low latency. It offers both cloud-based and on-premises deployment options with features like API protection, automated machine learning, and virtual patching.

Fortinet FortiWeb

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

CVE ID	Severità	Punteggio	Tecnologie	Nome del componente	Exploit CISA KEV	Ha la correzione	Data di pubblicazione
CVE-2025-59719	CRITICAL	9.8	Fortinet FortiWeb	cpe:2.3:a:fortinet:fortiweb	No	Sì	Dec 09, 2025
CVE-2025-64447	HIGH	8.1	Fortinet FortiWeb	cpe:2.3:a:fortinet:fortiweb	No	Sì	Dec 09, 2025
CVE-2025-64471	HIGH	7.5	Fortinet FortiWeb	cpe:2.3:a:fortinet:fortiweb	No	Sì	Dec 09, 2025
CVE-2025-58034	HIGH	7.2	Fortinet FortiWeb	cpe:2.3:a:fortinet:fortiweb	Sì	Sì	Nov 18, 2025
CVE-2025-59669	MEDIUM	5.5	Fortinet FortiWeb	cpe:2.3:a:fortinet:fortiweb	No	Sì	Nov 18, 2025

CVE-2025-59719:
Fortinet FortiWeb Analisi e mitigazione delle vulnerabilità

9.8

Imparentato Fortinet FortiWeb Vulnerabilità:

Benchmark della tua posizione di sicurezza del cloud

Ulteriori risorse Wiz

PEACH

Pronti a vedere Wiz in azione?

CVE-2025-59719: Fortinet FortiWeb Analisi e mitigazione delle vulnerabilità