CVE 9.1 CRITICAL

CVE-2025-59719_CVE-2025-59719

December 9, 2025 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

AI Analysis

Improper verification of cryptographic signature allows unauthenticated attackers to bypass FortiCloud SSO login authentication

Basic Information

ID CVE-2025-59719

Source fortinet

Published Dec 9, 2025 at 17:20

Affected Product

Vendor Fortinet

Product FortiWeb

Version 8.0.0

Affected Versions Fortinet FortiWeb 8.0.0
Fortinet FortiWeb 7.6.0
Fortinet FortiWeb 7.4.0

CWE Classification

CWE-347

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Fortinet

Product FortiWeb

Version 8.0.0, 7.6.0-7.6.4, 7.4.0-7.4.9

References

fortiguard.fortinet.com /psirt/FG-IR-25-647

{
    "lastseen": "",
    "description": "An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.",
    "published": "2025-12-09T17:20:11.763Z",
    "modified": "2025-12-09T17:20:11.763Z",
    "type": "cve",
    "title": "CVE-2025-59719",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-647",
    "id": "CVE-2025-59719",
    "bulletinFamily": "",
    "cwe": [
        "CWE-347"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiWeb 8.0.0\nFortinet FortiWeb 7.6.0\nFortinet FortiWeb 7.4.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiWeb",
    "version": "8.0.0",
    "vendor": "Fortinet",
    "ai_description": "Improper verification of cryptographic signature allows unauthenticated attackers to bypass FortiCloud SSO login authentication",
    "ai_severity": "Critical",
    "ai_vendor": "Fortinet",
    "ai_product": "FortiWeb",
    "ai_version": "8.0.0, 7.6.0-7.6.4, 7.4.0-7.4.9",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply