#fortigate

[ follow ]
#sso-vulnerability #cve-2025-59718 #cve-2025-59719 #patching #fortinet #cybersecurity #vulnerability
fromThe Hacker News
1 day ago

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO) logins on FortiGate appliances on December 12, 2025. The attacks exploit two critical authentication bypasses (CVE-2025-59718 and CVE-2025-59719, CVSS scores: 9.8). Patches for the flaws were released by Fortinet last week for FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. "These vulnerabilities allow unauthenticated bypass of SSO login authentication via crafted SAML messages, if the FortiCloud SSO feature is enabled on affected devices," Arctic Wolf Labs said in a new bulletin.
Information security
Information security
fromThe Hacker News
8 months ago

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Fortinet warns that attackers maintain read-only access to vulnerable FortiGate devices by exploiting symlinks, despite patching initial vulnerabilities.
[ Load more ]