Ongoing intrusions exploiting the critical Fortinet FortiCloud SSO authentication bypass issue, tracked as CVE-2025-59718, could compromise more than 25,000 online Fortinet devices with FortiCloud SSO activated, according to BleepingComputer.The U.S. had the most exposure to potential attacks, accounting for over a fifth of Fortinet devices with a FortiCloud SSO fingerprint, followed by India, findings from The Shadowserver Foundation revealed. Additional details on the number of Fortinet devices secured against the intrusions were not provided. Meanwhile, over 30,000 Fortinet devices with enabled FortiCloud SSO were discovered by Macnica threat researcher Yutaka Sejiyama, who expressed surprise at the elevated number of publicly accessible Fortinet admin interfaces, considering how previous Fortinet vulnerabilities had been prevalently abused in ransomware and cyberespionage attacks.Such findings come after CVE-2025-59718, which Fortinet patched alongside fellow critical authentication bypass bug CVE-2025-59719, was added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog.
Vulnerability Management
Potential attacks threaten over tens of thousands of Fortinet devices

(Credit: Casimiro - stock.adobe.com)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



