Fortinet Confirms Exploitation of FortiCloud SSO Authentication Bypass Vulnerability on Patched Devices
Fortinet has confirmed that it is working to fully fix a FortiCloud SSO authentication bypass vulnerability, following reports of new exploit activity on firewalls that had already been fully patched. Discovery of New Attack Route Carl Windsor, CISO of Fortinet, reported that cases of exploitation have been identified on devices that were updated to the latest version available at the time of the attack. This suggests a new attack path that bypasses previously deployed patches to address CVE-2025-59718 and CVE-2025-59719. ...