CVE-2025-59719

CWE-34710 documents8 sources

Severity

9.8CRITICAL

EPSS

0.2%

top 63.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Fortiweb

Timeline

PublishedDec 9

Latest updateDec 19

Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5fortinet/fortiweb7.6.0 — 7.6.4+2

▶NVDfortinet/fortiweb7.4.0 — 7.4.9+2

🔴Vulnerability Details

GHSA

GHSA-chq4-235q-jp7w: An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8↗2025-12-09

▶

CVEList

CVE-2025-59719: An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8↗2025-12-09

▶

VulnCheck

Fortinet FortiWeb Improper Verification of Cryptographic Signature↗2025

▶

📋Vendor Advisories

CISA

Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability↗2025-12-16

▶

Fortinet

Multiple Fortinet Products' FortiCloud SSO Login Authentication Bypass↗2025-12-09

▶

🕵️Threat Intelligence

Bleepingcomputer

Over 25,000 FortiCloud SSO devices exposed to remote attacks↗2025-12-19

▶

Bleepingcomputer

Hackers exploit newly patched Fortinet auth bypass flaws↗2025-12-16

▶

Bleepingcomputer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws↗2025-12-09

▶

Wiz

CVE-2025-59719 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶