Exploitation of FortiGate SSO Vulnerabilities by Threat Actors
First seen 16 Dec 2025, 16:58 UTC
•

•95% similarity
•88
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Threat actors are actively exploiting critical authentication bypass vulnerabilities in Fortinet's FortiGate appliances, specifically CVE-2025-59718 and CVE-2025-59719. These vulnerabilities allow unauthenticated single sign-on (SSO) logins via malicious SAML messages, granting administrative access to attackers. Fortinet disclosed these flaws in a PSIRT advisory on December 9, 2025.
ThreatCluster AI