CVE-2025-59718 · CRITICAL 9.8 · CISA KEV · EPSS p99.1%

CVE-2025-59718: Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

Fortinet / Multiple Products

Description

Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Be sure to apply all patches mentioned in the advisory.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 63.48% probability of exploitation · percentile 99.1% · 2026-06-18T12:00:27Z
Published: 2025-12-09
Last modified: 2026-06-09

CISA KEV entry

Added to KEV: 2025-12-16

Underlying weaknesses · 1

CWE-347 (Improper Verification of Cryptographic Signature)

References

  1. https://fortiguard.fortinet.com/psirt/FG-IR-25-647
  2. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-sso-logins-following-disclosure-cve-2025-59718-cve-2025-59719/
  3. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-59718

Graph edges (outgoing) · 1

Type: Weakness · Target: Improper Verification of Cryptographic Signature (cwe-347) · Confidence: 0% · Tier: live

Graph edges (incoming) · 1

Type: KEVEntry · Target: Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability (kev-cve-2025-59718) · Confidence: 0% · Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-59719
CVE: CVE-2025-53847
CVE: CVE-2025-54821
CVE: Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
CVE: CVE-2025-24471
CVE: CVE-2025-49201

Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.