Fortinet

Fortinet Confirms Exploitation of FortiCloud SSO Authentication Bypass Vulnerability on Patched Devices

Fortinet has confirmed that it is working to fully fix a FortiCloud SSO authentication bypass vulnerability, following reports of new exploit activity on firewalls that had already been fully patched. Discovery of New Attack Route Carl Windsor, CISO of Fortinet, reported that cases of exploitation have been identified on devices that were updated to the latest version available at the time of the attack. This suggests a new attack path that bypasses previously deployed patches to address CVE-2025-59718 and CVE-2025-59719. ...

Fortinet, Ivanti and SAP Address Critical Security Flaws in Their Products

Fortinet, Ivanti, and SAP have released updates to address critical security flaws in their products. These vulnerabilities could allow authentication bypass or remote code execution if successfully exploited. Fortinet Critical Vulnerabilities (CVE-2025-59718 and CVE-2025-59719) Fortinet has addressed two critical vulnerabilities (CVSS 9.8) affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. The flaws, identified as CVE-2025-59718 and CVE-2025-59719, are due to incorrect verification of the cryptographic signature (CWE-347). Impact: An unauthenticated attacker could bypass FortiCloud SSO login authentication via a crafted SAML message, if the FortiCloud SSO feature is enabled on the device. Temporary Mitigation: While this feature is not enabled by default, administrators should verify if it was enabled during device registration in FortiCare. It is recommended to temporarily disable the FortiCloud login feature until the update can be applied. Mitigation Instructions: ...

Fortinet warns of actively exploited FortiWeb command injection vulnerability

![Image Main](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEKdkwpYxJC7o2i7S9wnA23qyb2BohSBPoI9nZSfX-qt7bRgSwxhDKYeogidmxxGNCSI0l- l-cKj8eJsA4bDVEjsUAiQVmw8bK6ZTE7omWqq7kSP0L_DpCG23Q91NjEx-lrepVUjzwSKo2 _H6Ke4I-7XOPHZAiGYhdHB3eTOCG8S_ksc1SEJU4PchDAuSM/s790-rw-e365/fort.jpg) Fortinet has issued a crucial security alert about a new vulnerability in its FortiWeb product (a web application firewall), confirming that the flaw is already being actively exploited by attackers. This vulnerability, classified as medium severity, requires immediate action by system administrators. Vulnerability Details (CVE-2025-58034) The security flaw, identified as CVE-2025-58034, has a CVSS score of 6.7. Fortinet describes it as a “Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)” vulnerability (CWE-78). ...