Fortinet Fiasco: 25,000 Devices at Risk in a Comedy of Cybersecurity Errors
Over 25,000 Fortinet devices are online with FortiCloud SSO enabled, making them juicy targets for cybercriminals. While Fortinet patched the vulnerability, many devices remain exposed. It’s like leaving your house keys in the front door while a thief strolls by, whistling. Attention admins: time to latch that digital deadbolt!
Hot Take:
Fortinet’s got a vulnerability problem that’s as persistent as a bad rash, and cybercriminals are itching to exploit it! With over 25,000 Fortinet devices exposed online, it seems like our favorite cyber hooligans have found their playground. Who knew that FortiCloud SSO could be the latest trending feature for hackers? Looks like Fortinet needs a better security blanket, ASAP!
Key Points:
- More than 25,000 Fortinet devices are exposed online with FortiCloud SSO enabled.
- Critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719) are actively exploited.
- Threat actors are using malicious SAML messages to gain admin access and download sensitive files.
- Over 5,400 vulnerable devices are in the U.S., and nearly 2,000 in India.
- CISA mandates U.S. government agencies to patch the vulnerability by December 23rd.
Already a member? Log in here