FortiOS, FortiWeb, and FortiProxy Vulnerability Lets Attackers Bypass FortiCloud SSO Authentication

Posted on By CWS

Fortinet has issued an pressing safety advisory concerning a important vulnerability affecting its FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager product traces.

The safety flaw, recognized as an Improper Verification of Cryptographic Signature (CWE-347), might enable an unauthenticated attacker to bypass the FortiCloud Single Signal-On (SSO) login authentication.

The vulnerability stems from the gadget’s failure to confirm signatures inside SAML messages correctly. If exploited, a menace actor might craft a particular SAML message to achieve unauthorized administrative entry to the gadget.

The problem was found internally by Yonghui Han and Theo Leleu of the Fortinet Product Safety staff and disclosed publicly on December 9, 2025.

Whereas the FortiCloud SSO login characteristic will not be enabled by default, it poses a big danger in deployed environments.

When an administrator registers a tool to FortiCare utilizing the graphical consumer interface (GUI), the “Enable administrative login utilizing FortiCloud SSO” toggle is enabled by default. Until the administrator explicitly disables this swap throughout registration, the gadget turns into susceptible to this bypass instantly.

Mitigation and Workarounds

Fortinet strongly advises prospects to improve to the most recent variations listed beneath. Nonetheless, for organizations that can’t patch instantly, a brief workaround is offered. Directors can mitigate the danger by disabling the FortiCloud login characteristic.

The next desk outlines the susceptible variations and the required upgrades to remediate the problem.

ProductAffected VersionsRemediationFortiOS 7.67.6.0 by 7.6.3Upgrade to 7.6.4 or aboveFortiOS 7.47.4.0 by 7.4.8Upgrade to 7.4.9 or aboveFortiOS 7.27.2.0 by 7.2.11Upgrade to 7.2.12 or aboveFortiOS 7.07.0.0 by 7.0.17Upgrade to 7.0.18 or aboveFortiOS 6.4Not affectedNoneFortiProxy 7.67.6.0 by 7.6.3Upgrade to 7.6.4 or aboveFortiProxy 7.47.4.0 by 7.4.10Upgrade to 7.4.11 or aboveFortiProxy 7.27.2.0 by 7.2.14Upgrade to 7.2.15 or aboveFortiProxy 7.07.0.0 by 7.0.21Upgrade to 7.0.22 or aboveFortiSwitchManager 7.27.2.0 by 7.2.6Upgrade to 7.2.7 or aboveFortiSwitchManager 7.07.0.0 by 7.0.5Upgrade to 7.0.6 or aboveFortiWeb 8.08.0.0Upgrade to eight.0.1 or aboveFortiWeb 7.67.6.0 by 7.6.4Upgrade to 7.6.5 or aboveFortiWeb 7.47.4.0 by 7.4.9Upgrade to 7.4.10 or above

Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

FBI Atlanta Seizes Major Video Game Piracy Websites in International Operation Cyber Security News
Threat Actors Weaponizing YouTube Video Download Site to Download Proxyware Malware Cyber Security News
Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach Cyber Security News
New Web3 Phishing Attack Leverages Fake AI Platforms to Steal Usernames and Passwords Cyber Security News
APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data Cyber Security News
Threat Actors Weaponize PDF Editor With New Torjan to Turn Device Into Proxy Cyber Security News