選單
A A A
A A A

FortiWeb Authentication Bypass Vulnerability (CVE-2025-52970)

A new Authentication Bypass Vulnerability (CVE-2025-52970) was identified in Fortinet FortiWeb recently which may allow an unauthenticated remote attacker to login in as any existing user on the affected device via a specially crafted request.

Fortinet has released the patches to remediate the vulnerability and strongly recommends customers to apply the update IMMEDIATELY.

 

Vulnerability

  • Authentication Bypass Vulnerability (CVE-2025-52970)

 

Severity Level

  • High

 

Affected Products

  • FortiWeb:
    • 7.6.0 through 7.6.3,
    • 7.4.0 through 7.4.7,
    • 7.2.0 through 7.2.10,
    • 7.0.0 through 7.0.10

 

Remediation

  • Please apply the latest update patches in your affected devices immediately.

 

Reference

 

Enquiry

 

 

Published on: 18 Aug 2025

 

Facebook Instagram Telegram 中大綠色辦公室計劃
種族多元共融僱主約章 2024-2025 無障礙網頁嘉許計劃 - 金獎級別
© 2025 香港中文大學 版權所有