The Daily Patch
Back to News
vulnerability🌐InternationalHeise Security

Patch Now! Attackers Exploiting Critical Vulnerability in Fortinet Products

Wednesday, December 17, 2025

Patch Now! Attackers Exploiting Critical Vulnerability in Fortinet Products

What

Two critical vulnerabilities in Fortinet's systems can be exploited by attackers to bypass SSO authentication and gain unauthorized access.

Where

Fortinet's products used globally, affecting organizations utilizing these systems.

When

The vulnerabilities were reported recently, with a warning issued for immediate action.

Key Factors

  • Vulnerabilities identified as CVE-2025-59718 and CVE-2025-59719.
  • SSO must be enabled for the vulnerabilities to be exploitable.
  • Fortinet has released security updates to address these vulnerabilities.

Takeaways

  • Administrators should verify SSO settings and apply security updates promptly.
  • Organizations must remain vigilant about authentication mechanisms to prevent unauthorized access.
  • If updates cannot be applied immediately, SSO should be disabled as a temporary measure.
Read Full Article

Opens original article on Heise Security

Similar News

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

IBM API Connect Critical Authentication Bypass Disclosed

IBM API Connect Critical Authentication Bypass Disclosed