Cryptographic Signature Flaw in Fortinet FortiOS and FortiProxy Products
CVE-2025-59718
Key Information:
- Vendor: Fortinet
- CVE Published: 9 December 2025
What is CVE-2025-59718?
CVE-2025-59718 is an improper verification of cryptographic signature vulnerability in Fortinet's FortiOS and FortiProxy products, affecting several release branches from 7.0.0 through 7.6.3. The flaw sits in the FortiCloud Single Sign-On (SSO) login path: because the appliance does not correctly verify the cryptographic signature on the SAML (Security Assertion Markup Language) response it receives, an attacker who crafts or manipulates a SAML response message can bypass FortiCloud SSO login authentication without holding valid credentials. A successful bypass gives the attacker unauthorized access to the device and the information it holds, and with it the ability to change or disrupt the services the device provides.
Because FortiOS and FortiProxy usually sit at the network perimeter and enforce security policy for everything behind them, an authentication bypass on the device itself reaches well beyond the device: a foothold there can be used to stage further attacks or unauthorized actions inside the network. Organizations running these products should check two things first: whether the device is on an affected version, and whether FortiCloud SSO login is enabled, since that login path is the one the vulnerability abuses.
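The page does not describe the root cause inside the Fortinet code, so the following Go program, added here as an illustration and not taken from Fortinet or from the original page, shows what "improper verification of a cryptographic signature" typically means for a SAML service provider: a verifier that confirms a valid signature exists somewhere in the response but then acts on assertion content the signature does not cover, placed next to a hardened verifier that only consumes the signed assertion and enforces issuer, audience and validity. The Assertion and Response structures, the pipe-delimited canonical form standing in for XML-DSig canonicalisation, and the names idp.example and fw.example are all constructed assumptions for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Assertion is a simplified stand-in for a SAML <Assertion>; real SAML signs an
// XML-DSig canonicalisation of the element, here canonical() plays that role.
type Assertion struct {
	ID, Issuer, Subject, Audience string
	NotAfter                      time.Time
}

func (a Assertion) canonical() []byte {
	return []byte(fmt.Sprintf("%s|%s|%s|%s|%d", a.ID, a.Issuer, a.Subject, a.Audience, a.NotAfter.Unix()))
}

// Response mirrors a SAML <Response>: several assertions, one signature that references one of them by ID.
type Response struct {
	Assertions []Assertion
	SignedID   string
	Signature  []byte
}

// Policy is what the service provider (the firewall) pins before any login is attempted.
type Policy struct {
	IdPKey           *rsa.PublicKey
	Issuer, Audience string
	Now              time.Time
}

func verifies(p Policy, a Assertion, sig []byte) bool {
	h := sha256.Sum256(a.canonical())
	return rsa.VerifyPKCS1v15(p.IdPKey, crypto.SHA256, h[:], sig) == nil
}

// WeakSubject shows a common CWE-347 mistake (illustrative, not a description of
// the Fortinet code): the signature verifies over *some* assertion, yet the
// subject is read from whichever assertion comes first in the document.
func WeakSubject(p Policy, r Response) (string, error) {
	for _, a := range r.Assertions {
		if verifies(p, a, r.Signature) {
			return r.Assertions[0].Subject, nil // consumes an unverified element
		}
	}
	return "", errors.New("no valid signature")
}

// VerifySubject is the hardened check: only the assertion the signature covers
// is consumed, and issuer, audience and validity window are enforced on it.
func VerifySubject(p Policy, r Response) (string, error) {
	var signed *Assertion
	for i := range r.Assertions {
		if r.Assertions[i].ID == r.SignedID {
			signed = &r.Assertions[i]
		}
	}
	switch {
	case len(r.Signature) == 0:
		return "", errors.New("unsigned response")
	case signed == nil:
		return "", errors.New("signature does not reference an assertion")
	case !verifies(p, *signed, r.Signature):
		return "", errors.New("signature check failed")
	case signed.Issuer != p.Issuer || signed.Audience != p.Audience:
		return "", errors.New("issuer or audience mismatch")
	case !p.Now.Before(signed.NotAfter):
		return "", errors.New("assertion expired")
	}
	return signed.Subject, nil
}

// Scenario builds constructed test data: an IdP key, a genuine signed assertion
// for a read-only user, and an unsigned "admin" assertion spliced in front of it.
func Scenario() (Policy, Response) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	now := time.Date(2025, 12, 9, 12, 0, 0, 0, time.UTC)
	genuine := Assertion{ID: "_a1", Issuer: "https://idp.example", Subject: "readonly",
		Audience: "https://fw.example/saml", NotAfter: now.Add(5 * time.Minute)}
	h := sha256.Sum256(genuine.canonical())
	sig, err2 := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:]) // IdP signs the genuine assertion
	if err != nil || err2 != nil {
		panic("constructing the scenario failed")
	}
	forged := genuine
	forged.ID, forged.Subject = "_a0", "admin"
	p := Policy{IdPKey: &priv.PublicKey, Issuer: genuine.Issuer, Audience: genuine.Audience, Now: now}
	return p, Response{Assertions: []Assertion{forged, genuine}, SignedID: "_a1", Signature: sig}
}

func main() {
	p, r := Scenario()
	weak, _ := WeakSubject(p, r)
	strong, err := VerifySubject(p, r)
	fmt.Println("weak:", weak, "hardened:", strong, err) // weak: admin hardened: readonly <nil>
}
```

The weak verifier logs the attacker in as "admin" even though the only signed assertion names "readonly"; the hardened verifier binds every decision to the element the signature actually covers and rejects unsigned, tampered, expired or mis-addressed responses. The same binding applies to a real XML-DSig verifier, where the Reference URI in the signature must be resolved to the exact Assertion element that is consumed.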
Potential impact of CVE-2025-59718
- Unauthorized System Access: The primary impact of CVE-2025-59718 is unauthorized access to systems and data. An attacker who bypasses the FortiCloud SSO login obtains access without credentials, which can lead to retrieval and manipulation of data within the organization's network.
- Increased Risk of Data Breaches: With the authentication control bypassed, the organization becomes more exposed to data breaches. Compromised sensitive information can bring regulatory fines, loss of customer trust and reputational damage.
- Disruption of Services: The access gained can also be used to disrupt normal operations, for example by altering the device's configuration or performing other malicious actions that cause downtime and affect business continuity and service delivery.
Affected Version(s)
FortiOS 7.6.0 through 7.6.3
FortiOS 7.4.0 through 7.4.8
FortiOS 7.2.0 through 7.2.11