Overview
- Fortinet
- FortiWeb
Published: 09 Dec 2025
Updated: 10 Dec 2025
CVSS v3.1: CRITICAL (9.1)
EPSS: 0.10%
KEV
Description
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
Statistics
- 1 Post
Last activity: 11 hours ago
Overview
- Fortinet
- FortiSwitchManager
Published: 09 Dec 2025
Updated: 10 Dec 2025
CVSS v3.1: CRITICAL (9.1)
EPSS: 0.09%
KEV
Description
An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
Statistics
- 1 Post
Last activity: 11 hours ago