Fortinet Addresses Critical SSO Authentication Bypass Vulnerabilities

Fortinet Addresses Critical SSO Authentication Bypass Vulnerabilities

First seen 10 Dec 2025, 13:46 UTC BleepingcomputerDigital.Nhs.UkCsoonline 87% similarity 39.7

Article Content

Browse articles
ThreatCluster

Fortinet has released security updates for critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication. The vulnerabilities, tracked as CVE-2025-59718 and CVE-2025-59719, stem from improper verification of cryptographic signatures via crafted SAML messages.

ThreatCluster AI

Community

Browse all →