The nonprofit security organization recently added fingerprinting capabilities for Fortinet devices with FortiCloud SSO to its Device Identification reporting system.
This proactive scanning effort aims to help organizations identify potentially vulnerable systems before threat actors can exploit them.
CVE-2025-59718 has been added to CISA’s Known Exploited Vulnerabilities Catalog, indicating active exploitation or significant threat potential.
This designation requires federal agencies to patch affected systems urgently under CISA’s Binding Operational Directive 22-01.
The companion vulnerability, CVE-2025-59719, raises additional security concerns for FortiCloud SSO implementations.
While not all 25,000 identified systems are necessarily vulnerable to these specific CVEs, the widespread exposure creates a significant attack surface for potential exploitation.
Organizations using Fortinet devices with FortiCloud SSO enabled should treat this as a high-priority security alert.
The Shadowserver Foundation is actively notifying affected organizations through its reporting system.
Network administrators receiving exposure reports should immediately verify their systems’ vulnerability status and apply available security patches from Fortinet.
Organizations should review their Fortinet device configurations, particularly those with FortiCloud SSO enabled, to determine if they are running affected versions.
Even if specific vulnerability confirmation is unclear, administrators should prioritize patching and implementing additional security measures.
Security teams should inventory all Fortinet devices in their infrastructure, disable FortiCloud SSO if not actively required, apply the latest security updates from Fortinet, and monitor network traffic for suspicious authentication attempts targeting FortiCloud SSO functionality.
The discovery highlights the importance of continuous security monitoring and rapid vulnerability response, especially for internet-facing enterprise infrastructure components.
Follow us on Google News , LinkedIn and X to Get More Instant Updates, Set Cyberpress as a Preferred Source in Google.
The post Massive FortiCloud SSO Exposure Leaves 25,000+ Devices Vulnerable appeared first on Cyber Security News.
The HTC U24 Pro may not be gold, but its design is otherwise awfully similar…
The US Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of…
On Thursday morning, I attended a Q&A panel with four top Samsung smartphone executives. Until…
The Scream franchise has been ramping up production over the last few years. Scream 5…
Amazon recently discounted the 2025 27" Samsung G5 OLED to $349.99, making it the lowest…
Between PlayStation's big PS Direct sale and Woot's new "Video Games For All!" sale, this…
This website uses cookies.