PatchSiren cyber security CVE debrief
CVE-2025-64446 Fortinet CVE debrief
CVE-2025-64446 is a Fortinet FortiWeb path traversal vulnerability that CISA added to its Known Exploited Vulnerabilities (KEV) catalog on 2025-11-14. The official sources in this corpus identify the affected product family and the vulnerability class, but they do not include additional technical detail or a CVSS score. Because it is in KEV, defenders should treat it as an urgent remediation item and follow vendor guidance immediately.
- Vendor
- Fortinet
- Product
- FortiWeb
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2025-11-14
- Original CVE updated
- 2025-11-14
- Advisory published
- 2025-11-14
- Advisory updated
- 2025-11-14
Who should care
Fortinet FortiWeb administrators, network and application security teams, vulnerability management teams, and incident responders responsible for internet-facing security appliances or cloud-hosted deployments.
Technical summary
The available official records identify CVE-2025-64446 as a path traversal issue in Fortinet FortiWeb. CISA’s KEV listing means the vulnerability has been observed as exploited in the wild or otherwise meets CISA’s known-exploitation criteria. The supplied corpus does not include the Fortinet advisory text, exploit details, affected versions, or CVSS metrics, so defensive actions should be based on vendor guidance and KEV requirements rather than assumptions about impact scope.
Defensive priority
High / urgent. KEV inclusion with a remediation due date of 2025-11-21 indicates this vulnerability should be prioritized immediately, especially for exposed FortiWeb deployments.
Recommended defensive actions
- Review Fortinet’s official guidance for FG-IR-25-910 and apply the recommended mitigations or updates as soon as possible.
- If mitigations are unavailable, follow CISA’s KEV guidance and discontinue use of the product where appropriate.
- Prioritize internet-facing FortiWeb instances and confirm whether any cloud-service guidance under BOD 22-01 applies to your environment.
- Inventory all FortiWeb deployments, including appliances and managed/cloud instances, to verify exposure and patch status.
- Validate remediation by checking that the affected version is no longer present and that the vendor’s recommended protections are in place.
Evidence notes
This debrief is based only on the supplied official corpus: CISA KEV metadata, the CVE record reference, and the NVD record link. The corpus confirms the product (Fortinet FortiWeb), vulnerability type (path traversal), KEV status, and timing (published/added on 2025-11-14; remediation due 2025-11-21). It does not provide vendor advisory contents, affected versions, exploitation mechanics, or CVSS details.
Official resources
-
CVE-2025-64446 CVE record
CVE.org
-
CVE-2025-64446 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
-
Source item URL
cisa_kev
Publicly listed vulnerability with CISA-known exploitation status. No exploit code or offensive details are included here.