Executive Risk Summary
"A vulnerability in Fortinet FortiOS and FortiProxy allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message, potentially leading to unauthorized access to sensitive resources. This vulnerability affects multiple versions of FortiOS and FortiProxy, and exploitation has been observed in the wild."
Operational Audit Arsenal
Target Type Firmware Image
Target Asset FortiOS
Standard Path Global Firmware
Manual Verification Required
This is a non-Windows asset (Fortinet). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Network connectivity may be interrupted during the update process
Internal Work Notes
CVE-2025-59718: FortiOS and FortiProxy vulnerability allowing bypass of FortiCloud SSO login authentication, requiring immediate patching to prevent unauthorized access
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Official Advisoryhttps://fortiguard.fortinet.com/psirt/FG-IR-25-647
Official Advisoryhttps://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-sso-logins-following-disclosure-cve-2025-59718-cve-2025-59719/
Official Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-59718
Related Fortinet Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.