Improper Cryptographic Signature Validation in Fortinet FortiWeb Products
CVE-2025-59719
What is CVE-2025-59719?
A flaw in Fortinet's FortiWeb products allows an unauthenticated attacker to exploit improper verification of cryptographic signatures. By crafting a malicious SAML response message, an attacker can potentially bypass FortiCloud Single Sign-On (SSO) login authentication and gain unauthorized access. The vulnerability affects the FortiWeb versions listed below, so affected users should apply updates and mitigations promptly.
Affected Version(s)
FortiWeb 8.0.0
FortiWeb 7.6.0 through 7.6.4
FortiWeb 7.4.0 through 7.4.9
News Articles
FortiCloud SSO Exposure – 25,000 Devices Vulnerable and Cyber Attacks Active
Thousands of Fortinet systems are at risk as attackers exploit a critical authentication-bypass vulnerability in FortiCloud SSO.
2 weeks ago
Massive FortiCloud SSO Exposure Leaves 25,000+ Devices Vulnerable
The Shadowserver Foundation has identified over 25,000 internet-facing systems globally with Fortinet devices configured to use FortiCloud Single Sign-On (SSO).
2 weeks ago
Two Fortinet vulnerabilities are being exploited in the wild – patch now
Arctic Wolf and Rapid7 have urged security teams to act immediately to mitigate two critical Fortinet vulnerabilities.
2 weeks ago
Timeline
First article discovered by SC Media
Vulnerability published
Vulnerability Reserved