H-ISAC TLP White Vulnerability Bulletin: Zero-Day Exploitation of Fortinet FortiWeb Path Traversal Flaw
On October 6, 2025, security researchers at Defused reported that a path traversal flaw in Fortinet’s FortiWeb web application firewall (WAF) has been exploited in the wild as a zero-day since October 2025.
The flaw can be exploited without authentication and allows remote attackers to bypass security measures and create new privileged administrative accounts on exposed devices. Users are strongly encouraged to upgrade to the latest version of FortiWeb (8.0.2) to prevent unauthorized system access and compromise.
Health-ISAC is sharing this to increase situational awareness and encourage organizations to assess their level of risk to this vulnerability.