Overview
- Fortinet shipped fixes for CVE-2025-59718 and CVE-2025-59719 in FortiOS, FortiWeb, FortiProxy and FortiSwitchManager, which allow FortiCloud SSO login bypass via crafted SAML messages.
- The company urges administrators to disable FortiCloud SSO until the update is applied, noting the feature is off by default but can be auto-enabled during FortiCare registration unless admins opt out.
- Fortinet also corrected authentication issues including an unverified password change (CVE-2025-59808) and a hash-accepted-as-password flaw (CVE-2025-64471).
- No confirmed in-the-wild exploitation of the new FortiCloud SSO bugs has been reported, yet recent Fortinet zero-days heighten the urgency to remediate.
- Parallel updates from Ivanti (EPM CVE-2025-10573 and three high-severity bugs) and SAP (14 fixes with three critical CVEs reported by Onapsis) reinforce the need for rapid cross-vendor patching.