Fortinet Flaws: Hackers Crash the Admin Party with SSO Shenanigans!
Hackers have found a new hobby: exploiting vulnerabilities in Fortinet products to crash admin parties and swipe system configuration files. These exploits, CVE-2025-59718 and CVE-2025-59719, turn FortiCloud SSO into a not-so-secure sign-on, with attackers getting unauthorized access and making off with valuable data. Fortinet urges disabling FortiCloud SSO until safer versions are installed.
Hot Take:
Looks like the hackers are playing Santa with Fortinet systems, but instead of gifts, they’re leaving chaos under the admin’s firewall tree. These exploits are like the Grinch who stole Christmas, targeting Fortinet products to pilfer system configuration files. Fortinet users, it’s time to patch up before your network security gets stuffed down the chimney!
Key Points:
- Hackers are exploiting CVE-2025-59718 and CVE-2025-59719 vulnerabilities in Fortinet products.
- The vulnerabilities involve a FortiCloud SSO authentication bypass due to improper cryptographic signature verification.
- Targeted attacks focus on admin accounts to download system configuration files.
- Fortinet suggests disabling the FortiCloud login feature as a temporary measure.
- Admins should upgrade to specific Fortinet versions to address the vulnerabilities and secure their systems.