CISA Adds Critical Fortinet FortiWeb Vulnerability (CVE-2025-25257) to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Fortinet FortiWeb, identified as CVE-2025-25257, to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability, with a CVSS score of 9.6, has been actively exploited by hackers following the publication of a proof-of-concept (PoC) exploit. Fortinet FortiWeb is a web application firewall (WAF) designed to protect web applications from various attacks. The high CVSS score indicates that the vulnerability is severe, with significant impacts on confidentiality, integrity, and availability. The inclusion in CISA's KEV catalog underscores the urgency for organizations to address this vulnerability promptly. Cybersecurity professionals should prioritize patching FortiWeb installations to mitigate the risk of exploitation. Continuous monitoring for signs of exploitation is essential, especially if immediate patching is not feasible. Additionally, organizations should review their incident response plans to ensure they can quickly respond to any exploitation attempts. This development highlights the critical importance of timely patch management and the risks associated with delayed updates in protecting against cyber threats.