Remote Help

Cisco security advisory (AV25-759)
Serial number:AV25-759
Date:November 14, 2025

On November 13, 2025, Cisco published security advisories to address vulnerabilities in the following products:

Cisco Catalyst Center Hardware Appliance – versions prior to 2.3.7.10

Cisco Catalyst Center Virtual Appliance – versions prior to 2.3.7.10-VA

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

Cisco Security Advisories

AL25-017 - Vulnerability impacting Fortinet FortiWeb – CVE-2025-64446

Number: AL25-017
Date: November 14, 2025

Audience

This Alert is intended for IT professionals and managers.

Purpose

An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.

Details

On November 13, 2025, the Cyber Centre became aware of a critical path traversal vulnerability impacting the Web UI of Fortinet's FortiWeb that can result in root access to the device^Footnote1. The Cyber Centre has observed open-source reporting which indicates that the vulnerability is being exploited in the wild.

CVE-2025-64446^Footnote2 is a relative path traversal vulnerability in the Common Gateway Interface (CGI) [CWE-23]^Footnote3 of FortiWeb that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

In response to this vulnerability, the Cyber Centre, on November 14, 2025, released AV25-758^Footnote4. CISA has added CVE-2025-64446 to their Known Exploited Vulnerabilities (KEV) ^Footnote5 catalog on November 14, 2025.

Suggested actions

Cyber Centre recommends that organizations patch their FortiWeb to the following versions:

Version	Affected Products	Solutions
FortiWeb 8.0	8.0.0 through 8.0.1	FortiWeb – version 8.0.2 or later
FortiWeb 7.6	7.6.0 through 7.6.4	FortiWeb – version 7.6.5 or later
FortiWeb 7.4	7.4.0 through 7.4.9	FortiWeb – version 7.4.10 or later
FortiWeb 7.2	7.2.0 through 7.2.11	FortiWeb – version 7.2.12 or later
FortiWeb 7.0	7.0.0 through 7.0.11	FortiWeb – version 7.0.12 or later

It is imperative for organizations to identify and prioritize the patching of vulnerable systems promptly, using guidance provided by the vendor^Footnote1.

The Cyber Centre strongly recommends that organizations follow Fortinet customer guidance for mitigation advice:

Apply the recommended update. If this is not possible, apply the following workaround:
- Disable HTTP or HTTPS for internet facing interfaces. Fortinet recommend taking this action until an upgrade can be performed.
Post Upgrade Steps:
- It is recommended that customers review their configurations and logs for unexpected modifications, including the addition of unauthorized administrator accounts.

In addition, the Cyber Centre also strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions with an emphasis on the following topics ^Footnote6.

Patching operating systems and applications
Segment and separate information
Isolating Web-Facing applications

Should activity matching the content of this alert be discovered, recipients are encouraged to report via the My Cyber Portal, or email contact@cyber.gc.ca.

References