Threat Intelligence / CVE / CVE-2025-59719

CVE-2025-59719

CVSS 9.8 (CRITICAL) · EPSS 0.2% · Published 2025-12-09

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-347

Threats tracking this CVE

FortiGate SSO Authentication Bypass Campaign (CVE-2025-59718, CVE-2025-59719, CVE-2026-24858) — CRITICAL

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-647

Full detection coverage & IOCs for threats exploiting CVE-2025-59719 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence