CVE 9.1 CRITICAL

CVE-2025-59718

9.1 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, and FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

AI Analysis

Improper verification of a cryptographic signature allows an unauthenticated attacker to bypass FortiCloud SSO login authentication.

Basic Information

ID CVE-2025-59718
Source fortinet
Published Dec 9, 2025 at 17:20

Affected Product

Vendor Fortinet
Product FortiSwitchManager
Version 7.2.0
Affected Versions
  Fortinet FortiSwitchManager 7.2.0
  Fortinet FortiSwitchManager 7.0.0
  Fortinet FortiProxy 7.6.0
  Fortinet FortiProxy 7.4.0
  Fortinet FortiProxy 7.2.0
  Fortinet FortiProxy 7.0.0
  Fortinet FortiOS 7.6.0
  Fortinet FortiOS 7.4.0
  Fortinet FortiOS 7.2.0
  Fortinet FortiOS 7.0.0

CWE Classification

AI Assessment

AI Score 9.1 / 10
AI Severity Critical
Vendor Fortinet
Product FortiOS, FortiProxy, FortiSwitchManager
Version 7.0.0-7.0.21, 7.2.0-7.2.14, 7.4.0-7.4.10, 7.6.0-7.6.3

References
