CVE-2025-59718
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-17
Assigner: Fortinet, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fortinet | fortiproxy | From 7.6.0 (inc) to 7.6.4 (inc) |
| fortinet | fortiswitchmanager | From 7.2.0 (inc) to 7.2.7 (inc) |
| fortinet | fortios | From 7.4.0 (inc) to 7.4.9 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper verification of cryptographic signatures in certain versions of Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It allows an unauthenticated attacker to bypass the FortiCloud Single Sign-On (SSO) login authentication by using a specially crafted SAML response message.
How can this vulnerability impact me?
An attacker who exploits this vulnerability authenticates without any valid credentials: because the device fails to properly verify the signature on the SAML response, a crafted response is accepted as if the IdP had issued it. On devices where FortiCloud SSO login is in use, this grants the access that the SSO login would normally grant, and can lead to full compromise of the confidentiality, integrity, and availability of the affected system. Update to a fixed release outside the affected ranges listed above; until then, the exposure is limited to devices with FortiCloud SSO login enabled.
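The page does not say what exactly the affected Fortinet builds get wrong when checking the SAML signature, so the following is a generic illustration of the CWE-347 class in a SAML service provider, added here as an example and not taken from Fortinet's code or from this advisory. It shows one well-known way a consumer can "verify" a signature and still be fooled (XML signature wrapping: the signed assertion is left intact but moved, and an unsigned assertion is placed where the consumer looks first) next to a consumer that binds the verified signature to the assertion it actually uses. Everything in it is constructed: the HMAC "signature" stands in for XML-DSig, the SAML and XML-DSig namespaces are omitted, `ET.tostring` stands in for canonicalization, and the key, issuer and audience values are placeholders.

```python
# Constructed CWE-347 illustration; not Fortinet code and not the real CVE-2025-59718 defect.
import copy
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET

IDP_KEY = b"idp-signing-key-demo-only"        # stand-in for the IdP's signing key (assumed)
SP_AUDIENCE = "https://sp.example.test/saml"   # constructed SP entity ID


def _canonical(assertion: ET.Element) -> bytes:
    """Serialize an Assertion with its enveloped Signature removed (C14N stand-in)."""
    node = copy.deepcopy(assertion)
    node.tail = None
    for sig in node.findall("Signature"):
        node.remove(sig)
    return ET.tostring(node, encoding="utf-8")


def _mac(data: bytes, key: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def _mac_ok(data: bytes, key: bytes, sig: ET.Element) -> bool:
    value = sig.find("SignatureValue")
    got = (value.text if value is not None else "") or ""
    return hmac.compare_digest(_mac(data, key).encode(), got.encode())


def sign_assertion(assertion: ET.Element, key: bytes) -> None:
    """IdP side: append a Signature whose Reference points at the assertion's ID."""
    value = _mac(_canonical(assertion), key)
    sig = ET.SubElement(assertion, "Signature")
    ET.SubElement(sig, "Reference", URI="#" + assertion.get("ID"))
    ET.SubElement(sig, "SignatureValue").text = value


def build_signed_response(name_id: str, key: bytes = IDP_KEY) -> bytes:
    """What the IdP sends: one Response carrying one signed Assertion (constructed)."""
    root = ET.Element("Response", ID="_" + secrets.token_hex(8))
    a = ET.SubElement(root, "Assertion", ID="_" + secrets.token_hex(8))
    ET.SubElement(a, "Issuer").text = "https://idp.example.test"
    ET.SubElement(ET.SubElement(a, "Subject"), "NameID").text = name_id
    ar = ET.SubElement(ET.SubElement(a, "Conditions"), "AudienceRestriction")
    ET.SubElement(ar, "Audience").text = SP_AUDIENCE
    sign_assertion(a, key)
    return ET.tostring(root, encoding="utf-8")


def wrap_forged_assertion(signed_xml: bytes, victim: str) -> bytes:
    """Attacker side (signature wrapping): the genuinely signed Assertion stays
    byte-for-byte intact but is moved under Extensions; an unsigned Assertion
    naming the victim goes where a naive SP looks first."""
    root = ET.fromstring(signed_xml)
    real = root.find("Assertion")
    root.remove(real)
    forged = ET.SubElement(root, "Assertion", ID="_forged")
    ET.SubElement(forged, "Issuer").text = "https://idp.example.test"
    ET.SubElement(ET.SubElement(forged, "Subject"), "NameID").text = victim
    ET.SubElement(root, "Extensions").append(real)
    return ET.tostring(root, encoding="utf-8")


def vulnerable_consume(xml: bytes, key: bytes = IDP_KEY):
    """CWE-347 pattern: verifies *some* Signature over whatever element its
    Reference URI resolves to, then trusts the first Assertion under Response,
    which that signature never covered."""
    root = ET.fromstring(xml)
    sig = root.find(".//Signature")
    if sig is None or sig.find("Reference") is None:
        return None
    target = root.find(".//*[@ID='%s']" % sig.find("Reference").get("URI", "")[1:])
    if target is None or not _mac_ok(_canonical(target), key, sig):
        return None
    return root.find("Assertion").find("Subject/NameID").text


def hardened_consume(xml: bytes, key: bytes = IDP_KEY) -> str:
    """Bind the signature to the Assertion actually consumed: exactly one Assertion,
    a direct child of Response, carrying exactly one enveloped Signature that is
    verified over that very element (no ID lookup), then an audience check."""
    root = ET.fromstring(xml)
    assertions = root.findall(".//Assertion")
    if len(assertions) != 1 or assertions[0] is not root.find("Assertion"):
        raise ValueError("expected exactly one Assertion directly under Response")
    assertion = assertions[0]
    sigs = assertion.findall("Signature")
    if len(sigs) != 1:
        raise ValueError("Assertion must carry exactly one enveloped Signature")
    ref = sigs[0].find("Reference")
    if ref is None or ref.get("URI") != "#" + assertion.get("ID", ""):
        raise ValueError("Signature does not reference the consumed Assertion")
    if not _mac_ok(_canonical(assertion), key, sigs[0]):
        raise ValueError("signature verification failed")
    audience = assertion.find("Conditions/AudienceRestriction/Audience")
    if audience is None or audience.text != SP_AUDIENCE:
        raise ValueError("Assertion not issued for this SP")
    return assertion.find("Subject/NameID").text


if __name__ == "__main__":
    legit = build_signed_response("alice@example.test")
    evil = wrap_forged_assertion(legit, "admin")
    print("vulnerable SP accepts:", vulnerable_consume(evil))
    try:
        hardened_consume(evil)
    except ValueError as err:
        print("hardened SP rejects:", err)
```

The check that matters in `hardened_consume` is that the MAC is computed over the element the code goes on to read, not over whatever an ID lookup returns; the one-assertion and direct-child rules close the remaining places a second assertion could hide. A real SP should additionally pin the IdP certificate, enforce NotBefore/NotOnOrAfter and InResponseTo, and reject unsigned assertions outright rather than treating the signature as optional.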