Cryptographic Signature Flaw in Fortinet FortiOS and FortiProxy Products
CVE-2025-59718

9.1 CRITICAL

Key Information:

Vendor

Fortinet

CVE Published:
9 December 2025

Badges

  • 📈 Trended

  • 📈 Score: 4,760

  • 👾 Exploit Exists

  • 🟡 Public PoC

  • 🦅 CISA Reported

  • 📰 News Worthy

What is CVE-2025-59718?

CVE-2025-59718 is a critical vulnerability in Fortinet's FortiOS and FortiProxy products, specifically versions 7.0.0 up to 7.6.3. The flaw is an improper verification of cryptographic signatures: an unauthorized attacker can bypass FortiCloud Single Sign-On (SSO) login authentication by manipulating the SAML (Security Assertion Markup Language) response messages the device receives. Successful exploitation puts organizations at significant risk, as it can lead to unauthorized access to sensitive information and systems and to the manipulation or disruption of services.

Given that Fortinet's products are widely utilized in network security infrastructures, the implications of this vulnerability can be far-reaching. Organizations that depend on FortiOS and FortiProxy for critical security functionalities must be aware of the potential for exposure, as the breach could facilitate further attacks or unauthorized actions within their network environments.

Potential impact of CVE-2025-59718

  1. Unauthorized System Access: The primary impact of CVE-2025-59718 is the potential for unauthorized access to systems and data. Attackers can exploit the vulnerability to bypass authentication mechanisms, which may lead to unrestricted data retrieval and manipulation within the organization's network.

  2. Increased Risk of Data Breaches: With the ability to bypass security measures, organizations become more susceptible to data breaches. Sensitive information may be compromised, leading to severe consequences, including regulatory fines, loss of customer trust, and reputational damage.

  3. Disruption of Services: The vulnerability can be leveraged to disrupt normal operations by allowing attackers to manipulate service configurations or deploy malicious actions that could result in operational downtime, impacting business continuity and service delivery.

CISA has reported CVE-2025-59718

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-59718 as being exploited, but it is not known to CISA to be used in ransomware campaigns. This is subject to change at pace.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

FortiOS 7.6.0 through 7.6.3

FortiOS 7.4.0 through 7.4.8

FortiOS 7.2.0 through 7.2.11
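A common mistake when triaging an inventory against ranges like these is comparing version strings lexically, which sorts "7.2.11" before "7.2.2" and makes an affected build look patched. The following is an added example (not code from this page, Fortinet, or CISA) that parses FortiOS version strings numerically and tests them against the three FortiOS ranges listed above. The hostnames and version strings in the sample inventory are constructed for the example. It only knows the ranges on this page: the description above also mentions 7.0.0 and FortiProxy, so a build reported as "not in listed ranges" should be confirmed against the vendor advisory rather than treated as safe.

```python
"""Check FortiOS builds against the CVE-2025-59718 affected ranges listed on this page."""
import re

# Inclusive (lower, upper) ranges, copied from the "Affected Version(s)" section above.
AFFECTED_RANGES = [
    ("7.6.0", "7.6.3"),
    ("7.4.0", "7.4.8"),
    ("7.2.0", "7.2.11"),
]


def parse_version(v: str) -> tuple[int, ...]:
    """Turn 'v7.2.11,build1234' or '7.2.11' into (7, 2, 11) so comparison is numeric.

    A plain string comparison would order '7.2.11' before '7.2.2', which is exactly
    the error that lets an affected device slip through an inventory check.
    """
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", v)
    if not m:
        raise ValueError(f"unrecognised FortiOS version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version: str, ranges=AFFECTED_RANGES) -> bool:
    """True if `version` falls inside any of the inclusive ranges."""
    parsed = parse_version(version)
    return any(parse_version(lo) <= parsed <= parse_version(hi) for lo, hi in ranges)


def triage(inventory: dict[str, str]) -> dict[str, bool]:
    """Map hostname -> affected flag for a {hostname: version} inventory."""
    return {host: is_affected(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for this example.
    sample = {
        "fw-edge-01": "v7.2.11,build1234",  # last build of the 7.2 range -> affected
        "fw-edge-02": "7.4.9",              # one past the 7.4 range -> not listed
        "fw-branch-03": "7.6.3",            # last build of the 7.6 range -> affected
        "fw-lab-04": "7.2.2",               # inside 7.2 range despite sorting after 7.2.11 as text
    }
    for host, flagged in triage(sample).items():
        print(f"{host}: {'AFFECTED' if flagged else 'not in listed ranges'}")
```

The range list is the only vulnerability-specific data in the script, so the same helper can be reused for other advisories by swapping in their ranges.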

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

News Articles

FortiCloud SSO Exposure — 25,000 Devices Vulnerable and Cyber Attacks Active

Thousands of Fortinet systems are at risk as attackers exploit a critical authentication-bypass vulnerability in FortiCloud SSO.

2 weeks ago

Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for

2 weeks ago

Massive FortiCloud SSO Exposure Leaves 25,000+ Devices Vulnerable

The Shadowserver Foundation has identified over 25,000 internet-facing systems globally with Fortinet devices configured to use FortiCloud Single Sign-On (SSO).

2 weeks ago

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 📰 First article discovered by gbhackers.com

  • 🦅 CISA Reported

  • 📈 Vulnerability started trending

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
