Fortinet products hit by further security flaws - giving hackers access to systems and more

News by Sead Fadilpašić, published December 17, 2025 (5 min read)

Two new Fortinet flaws are being actively abused in the wild

  • Two critical SAML signature flaws (CVE-2025-59718 and CVE-2025-59719) let attackers bypass SSO across multiple Fortinet products
  • Exploitation began December 12, with intruders pulling config files that expose network layouts and hashed passwords
  • Fortinet urges disabling FortiCloud login and upgrading immediately to the patched versions listed

Two new critical vulnerabilities have been discovered in Fortinet products, and since they are being actively abused in the wild, both the company and security researchers are urging users to upgrade to the newest version as soon as possible.

In a newly released security advisory (via BleepingComputer), Fortinet said it discovered an SSO authentication bypass bug in FortiOS, FortiProxy, and FortiSwitchManager, caused by improper verification of cryptographic signatures in SAML messages.

As a result, a threat actor can submit a maliciously crafted SAML assertion and log in without proper credentials.
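The bypass described above, as an added illustration that is not Fortinet's code and is not taken from the advisory: the page gives no root cause beyond "improper verification of cryptographic signatures in SAML messages", so this models one common way a SAML signature check goes wrong (the service provider confirms that some signature in the message is valid, then reads the subject from a different, unsigned assertion) beside a strict check that ties the verified signature to the assertion it actually consumes. HMAC-SHA256 over the canonicalised assertion stands in for the XML-DSig signature a real IdP produces, so it runs on the Python standard library alone; the key, entity ID, element IDs, timestamps and assertion contents are constructed for the example.

```python
"""Weak vs strict SAML assertion verification (added illustration, not Fortinet code).
HMAC-SHA256 over the canonicalised assertion stands in for the IdP's XML-DSig/RSA
signature; the key, entity ID, IDs and timestamps below are constructed sample data."""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
DS = "http://www.w3.org/2000/09/xmldsig#"
for prefix, uri in (("saml", SAML), ("samlp", SAMLP), ("ds", DS)):
    ET.register_namespace(prefix, uri)

IDP_KEY = b"demo-idp-signing-key"                 # constructed; stands in for the IdP key pair
SP_AUDIENCE = "https://sp.example.test/metadata"  # hypothetical SP entity ID
NOW = "2025-12-17T12:00:00Z"                      # fixed clock so the example is deterministic


def _assertion_mac(assertion):
    """MAC over the canonical assertion with its own enveloped ds:Signature removed."""
    copy = ET.fromstring(ET.tostring(assertion))
    for sig in copy.findall(f"{{{DS}}}Signature"):
        copy.remove(sig)
    canon = ET.canonicalize(ET.tostring(copy, encoding="unicode"))
    return hmac.new(IDP_KEY, canon.encode(), hashlib.sha256).digest()


def build_signed_response(name_id, not_on_or_after):
    """IdP side: one samlp:Response carrying one signed saml:Assertion (sample data)."""
    resp = ET.Element(f"{{{SAMLP}}}Response", ID="_resp1")
    a = ET.SubElement(resp, f"{{{SAML}}}Assertion", ID="_a1")
    ET.SubElement(ET.SubElement(a, f"{{{SAML}}}Subject"), f"{{{SAML}}}NameID").text = name_id
    cond = ET.SubElement(a, f"{{{SAML}}}Conditions", NotOnOrAfter=not_on_or_after)
    ET.SubElement(ET.SubElement(cond, f"{{{SAML}}}AudienceRestriction"),
                  f"{{{SAML}}}Audience").text = SP_AUDIENCE
    mac = _assertion_mac(a)                        # computed before the Signature is enveloped
    sig = ET.SubElement(a, f"{{{DS}}}Signature")   # simplified: Reference + SignatureValue only
    ET.SubElement(sig, f"{{{DS}}}Reference", URI="#_a1")
    ET.SubElement(sig, f"{{{DS}}}SignatureValue").text = base64.b64encode(mac).decode()
    return ET.tostring(resp, encoding="unicode")


def wrap_attack(signed_response, impersonate):
    """Attacker: keep the IdP's validly signed assertion in the message, but place an
    unsigned forged assertion where a careless SP reads the subject from."""
    root = ET.fromstring(signed_response)
    legit = root.find(f"{{{SAML}}}Assertion")
    root.remove(legit)
    forged = ET.fromstring(ET.tostring(legit))
    for sig in forged.findall(f"{{{DS}}}Signature"):
        forged.remove(sig)
    forged.set("ID", "_forged")
    forged.find(f"{{{SAML}}}Subject/{{{SAML}}}NameID").text = impersonate
    root.append(forged)                                          # first in document order
    ET.SubElement(root, f"{{{SAMLP}}}Extensions").append(legit)  # signed original, relocated
    return ET.tostring(root, encoding="unicode")


def weak_login(response_xml):
    """Improper verification: confirm that *a* signature in the message is valid over
    whatever it references, then trust the first Assertion found. Returns NameID or None."""
    root = ET.fromstring(response_xml)
    sig = root.find(f".//{{{DS}}}Signature")
    if sig is None:
        return None
    ref_id = sig.find(f"{{{DS}}}Reference").get("URI", "").lstrip("#")
    signed = root.find(f".//*[@ID='{ref_id}']")
    given = base64.b64decode(sig.find(f"{{{DS}}}SignatureValue").text or "")
    if signed is None or not hmac.compare_digest(_assertion_mac(signed), given):
        return None
    return root.find(f".//{{{SAML}}}Assertion/{{{SAML}}}Subject/{{{SAML}}}NameID").text


def strict_login(response_xml, now=NOW):
    """Proper verification: consume exactly one top-level Assertion, require its own
    enveloped Signature to reference that element, verify it, then check audience and
    expiry. (Production code also checks Issuer, InResponseTo, replay and clock skew.)"""
    root = ET.fromstring(response_xml)
    assertions = root.findall(f"{{{SAML}}}Assertion")   # direct children only, no wrapper hunting
    if len(assertions) != 1:
        return None
    a = assertions[0]
    sigs = a.findall(f"{{{DS}}}Signature")
    aid = a.get("ID")
    if len(sigs) != 1 or not aid:
        return None
    ref = sigs[0].find(f"{{{DS}}}Reference")
    val = sigs[0].find(f"{{{DS}}}SignatureValue")
    if ref is None or val is None or ref.get("URI") != "#" + aid:
        return None
    if not hmac.compare_digest(_assertion_mac(a), base64.b64decode(val.text or "")):
        return None
    cond = a.find(f"{{{SAML}}}Conditions")
    aud = None if cond is None else cond.find(f"{{{SAML}}}AudienceRestriction/{{{SAML}}}Audience")
    if aud is None or aud.text != SP_AUDIENCE:
        return None
    if cond.get("NotOnOrAfter", "") <= now:      # ISO-8601 UTC strings compare lexically
        return None
    return a.find(f"{{{SAML}}}Subject/{{{SAML}}}NameID").text


if __name__ == "__main__":
    legit = build_signed_response("alice", "2025-12-18T00:00:00Z")
    evil = wrap_attack(legit, "admin")
    print("weak  :", weak_login(legit), weak_login(evil))      # alice admin
    print("strict:", strict_login(legit), strict_login(evil))  # alice None
```

Both verifiers reject a message whose signed assertion was edited after signing; the difference is that the weak one never ties the element it verified to the element it consumes, so a forged assertion that merely sits beside a genuine signed one logs the attacker in as whoever they name. In a real service provider that binding is the SAML library's job, so the thing to confirm when reviewing SSO code is that the signature is checked against the configured IdP certificate over the exact assertion used, not that a Signature element is present somewhere in the response.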


Disabling FortiCloud login

The bug is tracked as CVE-2025-59718, and was given a severity score of 9.8/10 (critical). It affects multiple versions of the products:

  • FortiOS 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, 7.2.0 through 7.2.11, 7.0.0 through 7.0.17
  • FortiProxy 7.6.0 through 7.6.3, 7.4.0 through 7.4.10, 7.2.0 through 7.2.14, 7.0.0 through 7.0.21
  • FortiSwitchManager 7.2.0 through 7.2.6, 7.0.0 through 7.0.5

The second vulnerability is also an SSO authentication bypass, this time in FortiWeb, and stems from a similar flaw in the cryptographic signature validation of SAML messages. It is tracked as CVE-2025-59719 and likewise carries a severity score of 9.8/10 (critical).

Affected versions include:


  • FortiWeb 8.0.0
  • FortiWeb 7.6.0 through 7.6.4
  • FortiWeb 7.4.0 through 7.4.9

At the same time, researchers at Arctic Wolf report that attackers began exploiting the bugs on December 12 and have been using them to download system configuration files. Those files reveal network layouts, internet-facing appliances, firewall settings, and possibly hashed passwords.

To defend against such intrusions, Fortinet advises admins running vulnerable versions to disable the FortiCloud login feature and to upgrade to a fixed version as soon as possible, meaning any of these:

  • FortiOS 7.6.4 or above, 7.4.9 or above, 7.2.12 or above, 7.0.18 or above
  • FortiProxy 7.6.4 or above, 7.4.11 or above, 7.2.15 or above, 7.0.22 or above
  • FortiSwitchManager 7.2.7 or above, 7.0.6 or above
  • FortiWeb 8.0.1 or above, 7.6.5 or above, 7.4.10 or above


Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
