
Fortinet vulnerabilities prompt pre-holiday warnings | Computer Weekly

By Computer Weekly
December 19, 2025


Two recently disclosed vulnerabilities discovered in Fortinet’s product portfolio have prompted a pre-holiday warning for defenders after being added to the Known Exploited Vulnerabilities (KEV) catalogue run by the US’ national cyber agency this week.

The two flaws, tracked as CVE-2025-59718 and CVE-2025-59719, enable a threat actor to bypass FortiCloud single sign-on (SSO) authentication via a maliciously crafted security assertion markup language (SAML) message. According to Fortinet, they are present in multiple versions of FortiOS, FortiWeb, FortiProxy and FortiSwitchManager.

It should be noted that while the vulnerable feature is not enabled by default in factory settings, it does activate automatically if and when a device is registered to the FortiCare tech service via the GUI unless the customer admin has explicitly opted out of this.

In a statement, the US Cybersecurity and Infrastructure Security Agency (CISA) said: “This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.”

The flaws were initially reported by Fortinet on 9 December, and multiple third parties are now reporting exploitation activity in progress against CVE-2025-59718 and CVE-2025-59719.

According to Rapid7 analysts, who have been trapping multiple exploit attempts against the company’s honeypots after a proof-of-concept exploit was posted to GitHub, many of the observed attacks have seen attackers authenticate as the admin user and immediately download the target’s system configuration file, which can often hold hashed credentials.

“As a result, any organisation with indicators of compromise [IOCs] must assume credential exposure and respond accordingly. A vendor patch is available, and organisations can also take immediate defensive action by disabling FortiCloud SSO administrative login while remediation efforts are underway,” said the Rapid7 team.

Arctic Wolf researchers said that besides applying the available updates from Fortinet, organisations finding that they are affected should reset their firewall credentials as a precaution, on the basis that they may have been compromised and exfiltrated, and limit access to firewall and virtual private network (VPN) appliances to trusted internal users.

As its products are deeply embedded in many networks, Fortinet is frequently targeted by threat actors as an initial access point to their victims’ wider IT environments, so further attempts against the latest pair of flaws are considered highly likely.

Christmas presents

Besides the Fortinet authentication bypass issues, CISA has added a few more high-profile flaws to the KEV catalogue in the run-up to the festive break.

These include CVE-2025-69374, an embedded malicious code vulnerability that has arisen in ASUS Live Update after unauthorised modifications were made in a supply chain cyber attack.

Multiple Cisco products, including AsyncOS software, Cisco Secure Email Gateway, and Secure Email and Web Manager appliances, are at risk from an input validation vulnerability, tracked as CVE-2025-20393, via which a threat actor may be able to execute arbitrary commands with root privileges.

Finally, SonicWall users should address CVE-2025-40602, a missing authorisation flaw enabling privilege escalation on the appliance management console of SMA1000 series secure access gateways.

At the time of writing, none of the above-listed vulnerabilities have been observed being used in ransomware attacks.


