Get Started
What We Do
How We Do It
Resources
Company
Partners
Login
Get Started
What we do
How we do it
Resources
Company
Partners
Get Started
What We Do
CONTROLLED AUTONOMY SECOPS
Atlas Platform

Connects to any signal across any vendor stack and powers adaptive AI Operatives that expose, detect, and neutralize cyberattacks.

 Atlas Operations Center

See what our SOC sees, review investigations, and see how we are protecting your business.

 Technology Integrations

Atlas connects to any signal across your current security tools. Whatever you're running, we're running with you.
EXPERT-VALIDATED DEFENSE
24/7 Security Operations Center

Extend your team with immediate expertise, hands-on remediation, and the human accountability layer that boards, regulators, and cyber insurers require.

 Threat Response Unit

Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.

 Response and Remediation

Pairs machine-speed containment with human judgment, delivering full threat response that's policy-bounded, reversible, and explainable.
ESENTIRE SERVICES
Managed Detection and Response

MDR that moves first, multi-signal attack surface coverage, and 24/7 Elite threat hunters working as one continuous security program across any vendor stack.
All-in-One eSentire MDR MDR for Microsoft
Digital Forensics and Incident Response

Get unlimited Incident Response with threat suppression guarantee- anytime, anywhere.
Autonomous Pen Testing & Continuous Threat Exposure Management (CTEM)

Full alignment to the five-stages of CTEM operations; scope, discover, prioritize, validate, and mobilize against exposures attackers would use against you.
How We Do It
MDR Packages and 24/7 Protection
MDR Pricing and Packages

Flexible MDR pricing and packages that fit your unique security requirements.
Atlas Essentials

Entry level foundational MDR coverage
Atlas Advanced

Comprehensive Next Level eSentire MDR
Atlas Complete

Next Level eSentire MDR with Cyber Risk Advisors to continuously advance your security program
Explore MDR Packages Build Your MDR Package
24/7 Coverage
Endpoint
Network
Log
Cloud
Identity
INDUSTRIES
Insurance Construction Finance Legal Manufacturing Private Equity Healthcare Retail Food Supply Government and Education Automotive Dealerships
USE CASES
Ransomware

Stop ransomware before it spreads.

 Identity Response

Stop identity-based cyberattacks.

 Zero Day Attacks

Detect and respond to zero-day exploits.

 Cybersecurity Compliance

Meet regulatory compliance mandates.

 Third-Party Risk

Defend third-party and supply chain risk.

 Cloud Misconfiguration

End misconfigurations and policy violations.

 Cyber Risk

Adopt a risk-based security approach.

 Mid-Market Security

Mid-market security essentials to prioritize.

 Sensitive Data Security

Protect your most sensitive data.

 Cyber Insurance

Meet insurability requirements with MDR.

 Cyber Threat Intelligence

Operationalize cyber threat intelligence.

 Security Leadership

Build a proven security program.
Resources
Resources
Resource Library Video Library Case Studies Compare MDR Vendors TRU Intelligence Center Monthly Threat Intelligence Briefings Cybersecurity Tools Cybersecurity Glossary Real vs. Fake MDR Blogs Security Advisories
SECURITY ADVISORIES
May 15, 2026 Cisco Catalyst SD-WAN Zero-Day Vulnerability (CVE-2026-20182)

On May 14th, 2026, Cisco disclosed a maximum severity vulnerability in Cisco Catalyst Software-Defined Wide Area Network (SD-WAN) Controller and SD-WAN Manager. The vulnerability, tracked…

Read More
May 06, 2026 Palo Alto PAN-OS Zero-Day Vulnerability (CVE-2026-0300)

On May 5th, 2026, Palo Alto Networks disclosed CVE-2026-0300 (CVSS: 9.3), a critical zero-day buffer overflow vulnerability that impacts the User-ID Authentication Portal (aka Captive…

Read More
View Advisories
From The Blog
May 21, 2026 eSentire Named Tenable’s 2026 Global MSSP Partner of the Year
Read More
May 21, 2026 Software Supply Chain Attacks and Responsibility - Who is Actually in…
Read More
May 14, 2026 Amatera Stealer 4.0.2 Beta: What's New in This Variant
Read More
VIEW ARTICLES
Company
ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us Leadership Careers Event Calendar Newsroom Aston Villa Football Club
EVENT CALENDAR
Jun
09
June TRU Intelligence Briefing
Jun
11
Kansas City FutureCon
Jun
17
Elevate Tech Summit
Jun
18
Dutch IT Security Day
Jul
14
July TRU Intelligence Briefing
View Calendar
LATEST PRESS RELEASE
Mar 19, 2026 eSentire Appoints Cybersecurity Industry Veteran James C. Foster as Chief Executive Officer Read More
View Newsroom
OUR PARTNERSHIPS
Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More
Partners
PARTNER PROGRAM

Apply to become an e3 ecosystem partner with eSentire today.
APPLY NOW

Sign in to the Partner Portal to access exclusive resources, campaigns, training, sales tools, and support.
LOGIN NOW
Search

Search our site

Quick Links
ALL-IN-ONE ESENTIRE MDR

Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC SUPPORT

24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
MDR PRICING AND PACKAGES

We offer three flexible MDR pricing packages that can be customized to your unique needs.
TRU INTELLIGENCE CENTER

The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
MDR VENDOR COMPARISONS

Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
MDR CASE STUDIES

See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
Get Started
Get Started
Build A Quote
Become A Partner
Breached?
Call Us Now
Home Resources Security Advisories Fortinet FortiWeb Zero-Day Vulnerability (CVE-2025-58034) Exploited in the Wild
Security advisories

Fortinet FortiWeb Zero-Day Vulnerability (CVE-2025-58034) Exploited in the Wild

November 19, 2025

3 MINS READ

Share this article

THE THREAT

On November 18th, 2025, Fortinet disclosed an actively exploited zero-day vulnerability impacting Fortinet FortiWeb versions. The vulnerability, tracked as CVE-2025-58034 (CVSS: 6.7), is a OS command injection vulnerability due to improper neutralization of special elements used in an OS command. CVE-2025-58034 may allow an authenticated attacker to execute arbitrary code on the vulnerable system via crafted HTTP requests or CLI commands. Successful exploitation can enable an attacker to gain complete control over the compromised device.

Fortinet confirmed that CVE-2025-58034 is being exploited in the wild, making it critical for the organizations to patch the flaw and upgrade the vulnerable instances to secure versions.

What we're doing about it

What you should do about it

Additional information

Fortinet stated in its advisory that "Fortinet has observed this to be exploited in the wild." In response, CISA has added CVE-2025-58034 to its Known Exploited Vulnerabilities (KEV) catalog, requiring U.S. Federal agencies to apply patches by November 25, 2025. Shortly after Fortinet's disclosure, the Canadian Centre for Cyber Security (CCCS) issued an alert for CVE-2025-25256, further underscoring the severity of the issue. At the time of writing, technical details regarding the exploitation of the vulnerability are not available, and Proof-of-Concept (PoC) exploit code has not been identified. The vulnerability was reported by Jason McFadyen from Trend Micro under responsible disclosure.

Fortinet had recently disclosed a high-severity vulnerability, CVE-2025-64446. At the time of writing, it remains unclear whether this flaw and the newly disclosed vulnerability are related or could be chained together for broader exploitation. The difference between the two vulnerabilities is as follows:

However, the overlap in the impacted FortiWeb versions noted in Fortinet's advisory raises concern about potential shared root causes or attack paths that adversaries may attempt to leverage.

Given the short timeframe between the initial observation of CVE-2025-64446 and the public acknowledgement of CVE-2025-25256, organizations should prioritize immediate action.

CVE-2025-58034: Impacted Product List
Version Affected Solution
FortiWeb 8.0 8.0.0 through 8.0.1 Upgrade to 8.0.2 or above
FortiWeb 7.6 7.6.0 through 7.6.5 Upgrade to 7.6.6 or above
FortiWeb 7.4 7.4.0 through 7.4.10 Upgrade to 7.4.11 or above
FortiWeb 7.2 7.2.0 through 7.2.11 Upgrade to 7.2.12 or above
FortiWeb 7.0 7.0.0 through 7.0.11 Upgrade to 7.0.12 or above

References:
[1] https://fortiguard.fortinet.com/psirt/FG-IR-25-513
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-58034
[3] https://cwe.mitre.org/data/definitions/78.html
[4] https://www.cisa.gov/news-events/alerts/2025/11/18/cisa-adds-one-known-exploited-vulnerability-catalog
[5] https://www.cyber.gc.ca/en/alerts-advisories/fortinet-security-advisory-av25-769
[6] https://nvd.nist.gov/vuln/detail/CVE-2025-64446
[7] https://www.esentire.com/security-advisories/fortinet-fortiweb-vulnerability-exploited-cve-2025-64446

Back to Security Advisories

Speak With A Security Expert Now

TALK TO AN EXPERT

in this Advisory

View Most Recent Advisories
ARE YOU EXPERIENCING A SECURITY INCIDENT OR HAVE YOU BEEN BREACHED?
Call 1-866-579-2200
The Proven Choice for
Managed Detection and Response
GET STARTED PARTNER LOGIN
Sales and
Customer Support
NORTH AMERICA 1-866-579-2200 EMEA (0)8000-443242 ANZ/APAC 1-519-651-2200
What we do
How we do it
Industries
Use Cases
Resources
Tools
Company

2026 eSentire, Inc. All Rights Reserved.