A recently disclosed pair of vulnerabilities affecting Fortinet devices—CVE-2025-59718 and CVE-2025-59719—is drawing urgent attention after confirmation of their active exploitation in the wild. The vulnerabilities carry a critical CVSSv3 score and allow an unauthenticated remote attacker to bypass authentication using a crafted SAML message, ultimately gaining administrative access to the device.
Current information indicates that the two CVEs have the same root cause and are differentiated by the products affected: CVE-2025-59719 specifically affects FortiWeb, while CVE-2025-59718 affects FortiOS, FortiProxy, and FortiSwitchManager. While the vulnerable FortiCloud SSO feature is disabled by default in factory settings, it is automatically enabled when a device is registered to FortiCare via the GUI, unless an administrator explicitly opts out.
Source: Rapid7