vulnerability🌐InternationalSecurity Affairs
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
Wednesday, December 17, 2025
What
A critical vulnerability in Fortinet products enables attackers to bypass authentication and gain unauthorized access to device configurations.
Where
Multiple organizations using Fortinet products globally, particularly those utilizing FortiCloud SSO.
When
The vulnerability was patched on December 9, 2025, and exploitation was observed starting December 12, 2025.
Key Factors
- •CVE-2025-59718 has a CVSS score of 9.1, indicating high severity.
- •The vulnerability affects FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager when FortiCloud SSO is enabled.
- •Attackers exploited the flaw to perform malicious SSO logins and export device configurations.
Takeaways
- →Organizations should disable FortiCloud SSO admin login until they can upgrade to secure versions.
- →The rapid exploitation of vulnerabilities post-patch highlights the need for timely updates and monitoring.
- →CISA mandates federal agencies to address these vulnerabilities by December 23, 2025.
Read Full Article
Opens original article on Security Affairs
