Vulnerability Details CVE-2025-59718
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-59718
-
cpe:2.3:a:fortinet:fortiproxy:7.0.0
-
cpe:2.3:a:fortinet:fortiproxy:7.0.1
-
cpe:2.3:a:fortinet:fortiproxy:7.0.10
-
cpe:2.3:a:fortinet:fortiproxy:7.0.11
-
cpe:2.3:a:fortinet:fortiproxy:7.0.12
-
cpe:2.3:a:fortinet:fortiproxy:7.0.13
-
cpe:2.3:a:fortinet:fortiproxy:7.0.14
-
cpe:2.3:a:fortinet:fortiproxy:7.0.15
-
cpe:2.3:a:fortinet:fortiproxy:7.0.16
-
cpe:2.3:a:fortinet:fortiproxy:7.0.17
-
cpe:2.3:a:fortinet:fortiproxy:7.0.18
-
cpe:2.3:a:fortinet:fortiproxy:7.0.19
-
cpe:2.3:a:fortinet:fortiproxy:7.0.2
-
cpe:2.3:a:fortinet:fortiproxy:7.0.20
-
cpe:2.3:a:fortinet:fortiproxy:7.0.21
-
cpe:2.3:a:fortinet:fortiproxy:7.0.3
-
cpe:2.3:a:fortinet:fortiproxy:7.0.4
-
cpe:2.3:a:fortinet:fortiproxy:7.0.5
-
cpe:2.3:a:fortinet:fortiproxy:7.0.6
-
cpe:2.3:a:fortinet:fortiproxy:7.0.7
-
cpe:2.3:a:fortinet:fortiproxy:7.0.8
-
cpe:2.3:a:fortinet:fortiproxy:7.0.9
-
cpe:2.3:a:fortinet:fortiproxy:7.2.0
-
cpe:2.3:a:fortinet:fortiproxy:7.2.1
-
cpe:2.3:a:fortinet:fortiproxy:7.2.10
-
cpe:2.3:a:fortinet:fortiproxy:7.2.11
-
cpe:2.3:a:fortinet:fortiproxy:7.2.12
-
cpe:2.3:a:fortinet:fortiproxy:7.2.13
-
cpe:2.3:a:fortinet:fortiproxy:7.2.14
-
cpe:2.3:a:fortinet:fortiproxy:7.2.2
-
cpe:2.3:a:fortinet:fortiproxy:7.2.3
-
cpe:2.3:a:fortinet:fortiproxy:7.2.4
-
cpe:2.3:a:fortinet:fortiproxy:7.2.5
-
cpe:2.3:a:fortinet:fortiproxy:7.2.6
-
cpe:2.3:a:fortinet:fortiproxy:7.2.7
-
cpe:2.3:a:fortinet:fortiproxy:7.2.8
-
cpe:2.3:a:fortinet:fortiproxy:7.2.9
-
cpe:2.3:a:fortinet:fortiproxy:7.4.0
-
cpe:2.3:a:fortinet:fortiproxy:7.4.1
-
cpe:2.3:a:fortinet:fortiproxy:7.4.10
-
cpe:2.3:a:fortinet:fortiproxy:7.4.2
-
cpe:2.3:a:fortinet:fortiproxy:7.4.3
-
cpe:2.3:a:fortinet:fortiproxy:7.4.4
-
cpe:2.3:a:fortinet:fortiproxy:7.4.5
-
cpe:2.3:a:fortinet:fortiproxy:7.4.6
-
cpe:2.3:a:fortinet:fortiproxy:7.4.7
-
cpe:2.3:a:fortinet:fortiproxy:7.4.8
-
cpe:2.3:a:fortinet:fortiproxy:7.4.9
-
cpe:2.3:a:fortinet:fortiproxy:7.6.0
-
cpe:2.3:a:fortinet:fortiproxy:7.6.1
-
cpe:2.3:a:fortinet:fortiproxy:7.6.2
-
cpe:2.3:a:fortinet:fortiproxy:7.6.3
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.2
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.3
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.4
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.5
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5
-
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.6
-
cpe:2.3:o:fortinet:fortios:7.0.0
-
cpe:2.3:o:fortinet:fortios:7.0.1
-
cpe:2.3:o:fortinet:fortios:7.0.10
-
cpe:2.3:o:fortinet:fortios:7.0.11
-
cpe:2.3:o:fortinet:fortios:7.0.12
-
cpe:2.3:o:fortinet:fortios:7.0.13
-
cpe:2.3:o:fortinet:fortios:7.0.14
-
cpe:2.3:o:fortinet:fortios:7.0.15
-
cpe:2.3:o:fortinet:fortios:7.0.16
-
cpe:2.3:o:fortinet:fortios:7.0.17
-
cpe:2.3:o:fortinet:fortios:7.0.2
-
cpe:2.3:o:fortinet:fortios:7.0.3
-
cpe:2.3:o:fortinet:fortios:7.0.4
-
cpe:2.3:o:fortinet:fortios:7.0.5
-
cpe:2.3:o:fortinet:fortios:7.0.6
-
cpe:2.3:o:fortinet:fortios:7.0.7
-
cpe:2.3:o:fortinet:fortios:7.0.8
-
cpe:2.3:o:fortinet:fortios:7.0.9
-
cpe:2.3:o:fortinet:fortios:7.2.0
-
cpe:2.3:o:fortinet:fortios:7.2.1
-
cpe:2.3:o:fortinet:fortios:7.2.10
-
cpe:2.3:o:fortinet:fortios:7.2.11
-
cpe:2.3:o:fortinet:fortios:7.2.2
-
cpe:2.3:o:fortinet:fortios:7.2.3
-
cpe:2.3:o:fortinet:fortios:7.2.4
-
cpe:2.3:o:fortinet:fortios:7.2.5
-
cpe:2.3:o:fortinet:fortios:7.2.6
-
cpe:2.3:o:fortinet:fortios:7.2.7
-
cpe:2.3:o:fortinet:fortios:7.2.8
-
cpe:2.3:o:fortinet:fortios:7.2.9
-
cpe:2.3:o:fortinet:fortios:7.4.0
-
cpe:2.3:o:fortinet:fortios:7.4.1
-
cpe:2.3:o:fortinet:fortios:7.4.2
-
cpe:2.3:o:fortinet:fortios:7.4.3
-
cpe:2.3:o:fortinet:fortios:7.4.4
-
cpe:2.3:o:fortinet:fortios:7.4.5
-
cpe:2.3:o:fortinet:fortios:7.4.6
-
cpe:2.3:o:fortinet:fortios:7.4.7
-
cpe:2.3:o:fortinet:fortios:7.4.8
-
cpe:2.3:o:fortinet:fortios:7.6.0
-
cpe:2.3:o:fortinet:fortios:7.6.1
-
cpe:2.3:o:fortinet:fortios:7.6.2
-
cpe:2.3:o:fortinet:fortios:7.6.3