Fortinet has identified multiple critical vulnerabilities in a number of Fortinet products.
One vulnerability (CVE-2025-59718) involves improper verification of cryptographic signatures in versions of Fortinet FortiOS, FortiProxy, and FortiSwitchManager, which could allow an unauthenticated attacker to bypass FortiCloud SSO login authentication via a crafted SAML response message.
Another vulnerability (CVE-2025-59719) involves improper verification of cryptographic signatures in Fortinet FortiWeb, which could allow an unauthenticated attacker to bypass FortiCloud SSO login authentication via a crafted SAML response message.
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends that organisations take immediate action to mitigate affected products, apply the latest patches and investigate for potential compromise.
The vulnerabilities impact FortiOS 7.0.0 through 7.0.17, 7.2.0 through 7.2.11, 7.4.0 through 7.4.8 and 7.6.0 through 7.6.3; FortiProxy 7.0.0 through 7.0.21, 7.2.0 through 7.2.14, 7.4.0 through 7.4.10 and 7.6.0 through 7.6.3; FortiSwitchManager 7.0.0 through 7.0.5 and 7.2.0 through 7.2.6; and FortiWeb 7.4.0 through 7.4.9, 7.6.0 through 7.6.4 and 8.0.0.
The ACSC said that Australian organisations should review their networks for use of vulnerable versions of the Fortinet Products, and consult the Fortinet Advisory for mitigation advice and patching.
Mitigation may include disabling FortiCloud login (if enabled) until the latest patches are applied.
Organisations should also investigate for any unauthorised access or compromise of affected products.
.png&h=142&w=230&c=1&s=1)
.jpg&w=100&c=1&s=0)
_(8).jpg&w=100&c=1&s=0)
