breachπInternationalCSO Online
FortiGate firewall credentials being stolen after vulnerabilities discovered
Wednesday, December 17, 2025
What
Threat actors are exploiting authentication bypass vulnerabilities in Fortinet devices, leading to unauthorized access attempts and potential breaches.
Where
Organizations using Fortinet devices globally, particularly those with FortiGate firewalls.
When
Vulnerabilities were disclosed on December 9, 2025, with exploitation attempts observed starting December 12, 2025.
Key Factors
- β’Vulnerabilities CVE-2025-59718 and CVE-2025-59719 allow unauthenticated access to FortiCloud SSO.
- β’Hundreds of thousands of Fortinet devices are potentially exposed on the public internet.
- β’CISA has added one of the vulnerabilities to its Known Exploited Vulnerabilities catalog, mandating immediate remediation for federal agencies.
Takeaways
- βOrganizations must prioritize patching vulnerable Fortinet devices to mitigate risks.
- βThe rapid exploitation of newly discovered vulnerabilities highlights the need for enhanced cybersecurity measures.
- βImplementing credential rotation and least privilege principles can help prevent data breaches.
Read Full Article
Opens original article on CSO Online
