Vulnerability Management

Potential attacks threaten over tens of thousands of Fortinet devices

Fortinet disclosed four critical vulnerabilities this week, including one RCE bug “potentially being exploited in the wild.” (Credit: Casimiro – stock.adobe.com)

Ongoing intrusions exploiting the critical Fortinet FortiCloud SSO authentication bypass issue, tracked as CVE-2025-59718, could compromise more than 25,000 online Fortinet devices with FortiCloud SSO activated, according to BleepingComputer.

The U.S. had the most exposure to potential attacks, accounting for over a fifth of Fortinet devices with a FortiCloud SSO fingerprint, followed by India, findings from The Shadowserver Foundation revealed. Additional details on the number of Fortinet devices secured against the intrusions were not provided. Meanwhile, over 30,000 Fortinet devices with enabled FortiCloud SSO were discovered by Macnica threat researcher Yutaka Sejiyama, who expressed surprise at the elevated number of publicly accessible Fortinet admin interfaces, considering how previous Fortinet vulnerabilities had been prevalently abused in ransomware and cyberespionage attacks.

Such findings come after CVE-2025-59718, which Fortinet patched alongside fellow critical authentication bypass bug CVE-2025-59719, was added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds