Fortinet has issued an pressing safety advisory concerning a important vulnerability affecting its FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager product traces.
The safety flaw, recognized as an Improper Verification of Cryptographic Signature (CWE-347), might enable an unauthenticated attacker to bypass the FortiCloud Single Signal-On (SSO) login authentication.
The vulnerability stems from the gadget’s failure to confirm signatures inside SAML messages correctly. If exploited, a menace actor might craft a particular SAML message to achieve unauthorized administrative entry to the gadget.
The problem was found internally by Yonghui Han and Theo Leleu of the Fortinet Product Safety staff and disclosed publicly on December 9, 2025.
Whereas the FortiCloud SSO login characteristic will not be enabled by default, it poses a big danger in deployed environments.
When an administrator registers a tool to FortiCare utilizing the graphical consumer interface (GUI), the “Enable administrative login utilizing FortiCloud SSO” toggle is enabled by default. Until the administrator explicitly disables this swap throughout registration, the gadget turns into susceptible to this bypass instantly.
Mitigation and Workarounds
Fortinet strongly advises prospects to improve to the most recent variations listed beneath. Nonetheless, for organizations that can’t patch instantly, a brief workaround is offered. Directors can mitigate the danger by disabling the FortiCloud login characteristic.
The next desk outlines the susceptible variations and the required upgrades to remediate the problem.
ProductAffected VersionsRemediationFortiOS 7.67.6.0 by 7.6.3Upgrade to 7.6.4 or aboveFortiOS 7.47.4.0 by 7.4.8Upgrade to 7.4.9 or aboveFortiOS 7.27.2.0 by 7.2.11Upgrade to 7.2.12 or aboveFortiOS 7.07.0.0 by 7.0.17Upgrade to 7.0.18 or aboveFortiOS 6.4Not affectedNoneFortiProxy 7.67.6.0 by 7.6.3Upgrade to 7.6.4 or aboveFortiProxy 7.47.4.0 by 7.4.10Upgrade to 7.4.11 or aboveFortiProxy 7.27.2.0 by 7.2.14Upgrade to 7.2.15 or aboveFortiProxy 7.07.0.0 by 7.0.21Upgrade to 7.0.22 or aboveFortiSwitchManager 7.27.2.0 by 7.2.6Upgrade to 7.2.7 or aboveFortiSwitchManager 7.07.0.0 by 7.0.5Upgrade to 7.0.6 or aboveFortiWeb 8.08.0.0Upgrade to eight.0.1 or aboveFortiWeb 7.67.6.0 by 7.6.4Upgrade to 7.6.5 or aboveFortiWeb 7.47.4.0 by 7.4.9Upgrade to 7.4.10 or above
Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.
