Fortinet has revealed a vulnerability in multiple products, including FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb, due to improper cryptographic signature verification. This flaw could allow attackers to bypass cloud login authentication using crafted SAML messages. #FortiOS #CryptographicVulnerability
Keypoints
- The vulnerability affects several Fortinet products, including FortiWeb and FortiProxy.
- Attackers may exploit the flaw to bypass FortiCloud SSO login authentication.
- Two related CVEs, CVE-2025-59718 and CVE-2025-59719, describe the same issue.
- Users are advised to apply all recommended patches and follow vendor instructions for mitigation.
- The vulnerability is not yet linked to any known ransomware campaigns, but mitigation is strongly recommended.
Read More: https://www.cisa.gov/known-exploited-vulnerabilities-catalog