Bleeping Computer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
Bleeping Computer

Over 25,000 FortiCloud SSO devices exposed to remote attacks

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability ...
CSOonline

Fortinet admins urged to update software to close FortiCloud SSO holes

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...
TechRadar

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...
Dark Reading

Critical Fortinet Flaws Under Active Attack

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently disclosed security flaw affecting multiple Fortinet network security and management platforms to its known exploited ...