EXECUTIVE SUMMARY
Two critical Fortinet vulnerabilities (CVE-2025-59718 and CVE-2025-59719) allow unauthenticated attackers to bypass FortiCloud SSO via improper SAML signature verification.
- CVE ID: CVE-2025-59718, CVE-2025-59719
- Active Region: Global
- Affected Sector: Any sector using Fortinet network/security infrastructure
- Affected Product: FortiOS, FortiProxy, FortiSwitchManager, FortiWeb
- Severity: Critical
- Published Date: December 09, 2025
TECHNICAL DETAILS
- Target: This vulnerability targets Fortinet devices that have FortiCloud SSO enabled, including FortiOS, FortiProxy, FortiSwitchManager, and FortiWeb systems. By exploiting the flaw, attackers can gain administrative access to critical network-security infrastructure and assume control over enforcement and management functions.
- Root Cause: The root cause is a failure to properly validate the cryptographic signature in SAML authentication responses, allowing forged assertions to pass as legitimate. This breakdown in signature verification undermines the integrity of the federated login process and enables unauthorized administrative access without credentials.
- Prerequistic For Exploitation: To exploit this vulnerability, the attacker must be able to reach the device’s management interface and have FortiCloud SSO…..
