Fortinet SSO Vulnerabilities Exploited for Admin Access on Firewalls

Fortinet SSO Vulnerabilities Exploited for Admin Access on Firewalls

First seen 22 Jan 2026, 21:42 UTC CybersecuritynewsCyberpressGbhackersNationalcioreview 86% similarity 46.9

Article Content

Browse articles
ThreatCluster

Fortinet's Single Sign-On (SSO) vulnerabilities, CVE-2025-59718 and CVE-2025-59719, are being actively exploited by attackers to gain unauthorized administrative access to FortiGate firewalls. These flaws allow unauthenticated attackers to bypass SSO authentication and create local admin accounts, affecting internet-exposed devices. Fortinet's PSIRT team is investigating multiple reports of these attacks.

ThreatCluster AI

Timeline

2025-12-09
Fortinet disclosed vulnerabilities CVE-2025-59718 and CVE-2025-59719
Recent
Attackers actively exploiting the vulnerabilities
Date unknown
Fortinet's PSIRT team initiated investigation

Community

Browse all →