CCN-CERT AV 04/25 Critical Security Updates for Fortinet Products
Summary
CCN-CERT issued a critical advisory (AV 04/25) for two vulnerabilities, CVE-2025-59718 and CVE-2025-59719, affecting FortiOS (7.6.0 to 7.6.3, 7.4.0 to 7.4.8, 7.2.0 to 7.2.11, 7.0.0 to 7.0.17), FortiProxy (7.6.0 to 7.6.3, 7.4.0 to 7.4.10, 7.2.0 to 7.2.14, 7.0.0 to 7.0.21), FortiSwitchManager (7.2.0 to 7.2.6, 7.0.0 to 7.0.5) and FortiWeb (8.0.0, 7.6.0 to 7.6.4, 7.4.0 to 7.4.9). Both allow an attacker to bypass FortiCloud single sign-on (SSO) authentication with a manipulated SAML message, provided the FortiCloud login feature is enabled on the device; Fortinet notes that it is not enabled by default on devices that are not registered with FortiCare. Affected organizations should apply the patches immediately and, until they can, temporarily disable the FortiCloud login function.
“CCN-CERT recommends that all organizations immediately apply the updates published by the vendor and follow all of its instructions.”
Organizations running any of the affected FortiOS, FortiProxy, FortiSwitchManager or FortiWeb builds listed above should first check whether FortiCloud SSO login is enabled and, if it is, patch immediately or disable the feature as a temporary mitigation. These appliances usually sit at the network perimeter, where a SAML-based authentication bypass is reachable from outside, so any exposed device with the feature enabled should be treated as a priority patch.
What changed
CCN-CERT published advisory AV 04/25, rated critical, covering CVE-2025-59718 and CVE-2025-59719 in multiple Fortinet products. CVE-2025-59718 affects FortiOS, FortiProxy and FortiSwitchManager; CVE-2025-59719 affects FortiWeb. Both are authentication bypasses: a manipulated SAML message lets an attacker bypass FortiCloud SSO login on a device where that feature is enabled.
Organizations running affected Fortinet products with FortiCloud SSO enabled should prioritize patching immediately. Pending the update, CCN-CERT recommends temporarily disabling the FortiCloud login function as a mitigating control. Security teams should audit their Fortinet deployments to identify every affected build and track fixed versions through Fortinet's PSIRT advisory FG-IR-25-647.
What to do next
- Apply the security updates provided by Fortinet as soon as possible
- Temporarily disable the FortiCloud login function (if enabled) until updating to a non-vulnerable version
Archived snapshot
Apr 23, 2026: GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
CCN-CERT AV 04/25 Security updates for Fortinet products
Publication date: 11/12/2025 (11 December 2025)
Threat level: CRITICAL
- CCN-CERT recommends that all organizations immediately apply the updates published by the vendor and follow all of its instructions.
CCN-CERT, part of the Centro Criptológico Nacional, announces that Fortinet has published several security updates to fix two critical vulnerabilities (CVE-2025-59718 and CVE-2025-59719) affecting its FortiOS, FortiWeb, FortiProxy and FortiSwitchManager products. They could allow attackers to bypass FortiCloud single sign-on (SSO) authentication by means of a manipulated SAML message, provided that this functionality is enabled on the device.
However, as the vendor has reported, this functionality is not enabled by default when the device is not registered with FortiCare.
Vulnerability and affected resource
| CVE | Product | Affected versions (inclusive) | Update |
| --- | --- | --- | --- |
| CVE-2025-59718 | FortiOS | 7.6.0 to 7.6.3; 7.4.0 to 7.4.8; 7.2.0 to 7.2.11; 7.0.0 to 7.0.17 | https://fortiguard.fortinet.com/psirt/FG-IR-25-647 |
| CVE-2025-59718 | FortiProxy | 7.6.0 to 7.6.3; 7.4.0 to 7.4.10; 7.2.0 to 7.2.14; 7.0.0 to 7.0.21 | https://fortiguard.fortinet.com/psirt/FG-IR-25-647 |
| CVE-2025-59718 | FortiSwitchManager | 7.2.0 to 7.2.6; 7.0.0 to 7.0.5 | https://fortiguard.fortinet.com/psirt/FG-IR-25-647 |
| CVE-2025-59719 | FortiWeb | 8.0.0; 7.6.0 to 7.6.4; 7.4.0 to 7.4.9 | |
Recommendations
CCN-CERT recommends that all organizations apply the updates provided by Fortinet as soon as possible and temporarily disable the FortiCloud login function (if it is enabled) until they have updated to a non-vulnerable version.
More information:
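The recommendation above and the "What to do next" list both come down to the same audit: for every Fortinet appliance, decide whether its build falls inside one of the affected ranges in the advisory table and whether FortiCloud SSO login is enabled, then rank the fleet. The script below is an added example written for this page, not code from CCN-CERT or Fortinet. The affected ranges are transcribed from the table; the inventory, host names and the `get system status` "Version:" line format it parses are constructed for illustration, and how you obtain the SSO-enabled flag for each device is left to your inventory tooling.

```python
"""Fleet triage for CCN-CERT AV 04/25 (CVE-2025-59718 / CVE-2025-59719).

Added example for this page; not CCN-CERT's or Fortinet's code.
Affected ranges are copied from the advisory table (inclusive, per branch).
"""
import re

AFFECTED = {
    "CVE-2025-59718": {
        "FortiOS": [("7.6.0", "7.6.3"), ("7.4.0", "7.4.8"),
                    ("7.2.0", "7.2.11"), ("7.0.0", "7.0.17")],
        "FortiProxy": [("7.6.0", "7.6.3"), ("7.4.0", "7.4.10"),
                       ("7.2.0", "7.2.14"), ("7.0.0", "7.0.21")],
        "FortiSwitchManager": [("7.2.0", "7.2.6"), ("7.0.0", "7.0.5")],
    },
    "CVE-2025-59719": {
        "FortiWeb": [("8.0.0", "8.0.0"), ("7.6.0", "7.6.4"), ("7.4.0", "7.4.9")],
    },
}

# Matches "7.4.8" on its own or inside a status line such as
# "Version: FortiGate-100F v7.4.8,build2795,250523 (GA.F)" (constructed sample).
_VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text: str) -> tuple:
    """Return (major, minor, patch) as ints so ranges compare numerically."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def assess(product: str, version_text: str) -> dict:
    """Match one device against the advisory table.

    Distinguishes three outcomes: inside an affected range, above the last
    affected build of a listed branch (i.e. already fixed), or on a branch the
    advisory does not list at all (which is *not* the same as 'safe').
    """
    v = parse_version(version_text)
    hits, branch_listed = [], False
    for cve, products in AFFECTED.items():
        for lo, hi in products.get(product, []):
            lo_t, hi_t = parse_version(lo), parse_version(hi)
            if v[:2] == lo_t[:2]:
                branch_listed = True
            if lo_t <= v <= hi_t:
                hits.append(cve)
    if hits:
        status = "affected"
    elif branch_listed:
        status = "not affected (above the last affected build of a listed branch)"
    else:
        status = "unlisted (branch not in advisory table; check FG-IR-25-647)"
    return {"product": product, "version": ".".join(map(str, v)),
            "cves": hits, "status": status}


def triage(inventory) -> list:
    """inventory: iterable of (host, product, version_text, forticloud_sso_enabled).

    Returns one row per device, affected-with-SSO-enabled first, because only
    those expose the SAML bypass; affected devices with SSO disabled still need
    the patch but are not reachable through this bug.
    """
    rows = []
    for host, product, version_text, sso in inventory:
        a = assess(product, version_text)
        if a["cves"] and sso:
            action = "PATCH NOW, or disable FortiCloud login until patched"
        elif a["cves"]:
            action = "patch; FortiCloud login reported disabled, bypass not reachable"
        else:
            action = "no action from this advisory"
        rows.append({"host": host, "sso": sso, "action": action, **a})
    rows.sort(key=lambda r: (0 if r["cves"] and r["sso"] else 1 if r["cves"] else 2,
                             r["host"]))
    return rows


# Constructed inventory: host names, builds and SSO flags are illustrative only.
SAMPLE_INVENTORY = [
    ("fw-edge-1", "FortiOS", "Version: FortiGate-100F v7.4.8,build2795,250523 (GA.F)", True),
    ("fw-edge-2", "FortiOS", "7.0.18", True),
    ("proxy-1", "FortiProxy", "7.2.14", False),
    ("waf-1", "FortiWeb", "8.0.0", True),
    ("fsm-1", "FortiSwitchManager", "7.2.6", True),
    ("fw-legacy", "FortiOS", "6.4.15", True),
]

if __name__ == "__main__":
    for r in triage(SAMPLE_INVENTORY):
        print(f"{r['host']:<10} {r['product']:<19} {r['version']:<8} "
              f"sso={'on ' if r['sso'] else 'off'} {r['status']:<60} {r['action']}")
```

Two design points worth keeping in your own tooling: a build that is above the last affected version of a listed branch is reported as fixed, whereas a branch the table does not mention (the constructed 6.4.x entry) is reported as unlisted rather than safe, so it gets checked against FG-IR-25-647 instead of silently passing. The SSO flag must come from the device configuration; to my knowledge the FortiOS setting is `admin-forticloud-sso-login` under `config system global`, but that is an assumption here and should be verified against the vendor advisory before you script the mitigation.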
About this page
Source document text, dates, docket IDs, and authority are extracted directly from CCN-CERT.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.