Fortinet’s Latest Security Flaws: Hackers Get a Sneaky SSO Shortcut!
Threat actors are exploiting new Fortinet FortiGate security flaws. Arctic Wolf reports malicious SSO logins and urges immediate patching. Vulnerabilities allow unauthenticated SSO bypass via crafty SAML messages. FortiCloud SSO is auto-enabled during registration, so turn it off! Protect your firewalls and VPNs; they’re prime hacker snack material!
Hot Take:
Holy Firewall, Batman! Fortinet’s FortiGate devices are under siege by cyber villains exploiting fresh-off-the-press security flaws. It’s like the ‘fastest fingers first’ game, but with a twist of cybercriminal intent. Time to patch up and batten down the digital hatches before these virtual pirates commandeer your network ship!
Key Points:
- Two critical vulnerabilities (CVE-2025-59718 and CVE-2025-59719) are being actively exploited in Fortinet FortiGate devices.
- The flaws allow unauthenticated bypass of SSO login via crafted SAML messages.
- Arctic Wolf observed malicious activity involving FortiGate appliances.
- Fortinet released patches for affected products, but immediate action is necessary.
- Organizations are advised to disable FortiCloud SSO and limit access to management interfaces.
Already a member? Log in here